Top 5 Cyber Security Threat Predictions For 2015; Cyber Blastware, Evasion Techniques, Internet-Of-Things Becomes Internet-Of-Threats; Digital Nano-Dust, Digital DNA Will Make It Harder To Hide
On December 4, 2014, the website IT News Africa ran a story attempting to peer deep into 2015 and make some educated guesses as to the top five cyber threats [globally] that we’re likely to see. First, some general observations: “as the number of devices connected to the Internet/World Wide Web increases, cyber criminals will continue to hone their prowess when it comes to The Internet of Things (IoT),” using more advanced/sophisticated techniques as well as more devious denial, deception, and evasion practices. Cyber criminals will continue to exploit large-scale server-side vulnerabilities for financial gain and other purposes — putting consumers’ private and personal information at risk — through cyber breaches of large corporations and their second/third tier suppliers.
Significant Trends And Cyber Security Threats From The Perspective Of A Black Hat Hacker In 2015
1) [Cyber] Blastware To Destroy Systems, Erase Data, And Cover Hacker Tracks: “This destructive new trend of [malicious] malware, following Scareware, and Ransomware, could lead to the ability for hackers to infiltrate systems, gather data, and then wipe out the information to/on systems, and hard drives…to cover tracks and thwart forensics.” IT News Africa quotes the BlackHat hacker. FortiGuard Labs observed the first indications of Blastware in 2014 with Dorkbot/NGRbot, where the hackers had code routines built in that, if altered, would self-destruct and wipe out all the information on the hard drive/s. This is a direct counter-response, the Black Hat hacker contends, to the rise of corporate incident response teams, remediation and restoration/resiliency. The cyber security firm, Fortinet, predicts that “Advanced Persistent Threat (APT) developers will build in sophisticated self-destruct mechanisms — in a seek and destroy fashion — that could hamper law enforcement and forensics efforts — as these resources increase [and become more widely used] to fight cyber-crime. Hackers may also seek to use these tactics for ransom — i.e., threaten to destroy the data, unless a ransom is paid in a certain timeframe — something the malicious program – CryptoLocker – became infamous for.
2) Hackers Look To Evade Law Enforcement, Frame The Innocent: “As cyber crime increases, law enforcement practices to catch and penalize perpetrators increase with it. Thus, hackers must be more careful and calculating to [successfully] evade discovery and capture. In 2015, advanced evasion techniques will evolve in order for attackers to cover their tracks. To date, evasion has been focused on counter antivirus and intrusion prevention/antibotnet. Fortinet predicts this will evolve with a focus on Sandbox evasion. In addition, similar to counterintelligence, it is possible that attackers will frame the innocent by throwing more red herrings into their attacks — to thwart investigators; and, intentionally planting evidence that points to an unassociated attacker. Intelligence agencies and nation-states, sophisticated hacker groups, and other cyber hacker malcontents are likely already utilizing these tactics — and, they are only likely to become more mature and devious.
3) The Internet of Things — Becomes The Internet of Threats: “In 2014, we saw an interesting shift — namely HeartBleed and Shellshock — focused on server side vulnerability and exploitation. Looking to 2015, we fully expect this trend to continue in an alarming way — as black hat hackers pry open The Internet of Things. Hackers will continue to follow the path of least resistance, as more and more devices are connected to the world wide web. Vulnerabilities that Black Hat hackers will look to exploit will include: Consumer home automation and security systems, as well as webcams, which we are already beginning to see. On the Enterprise side, Network Attached Storage and Routers will continue to be targets, as well as critical infrastructure such as Human Machine Interfaces (HMI) and Supply Chain systems, which will create significant problems with third-party components, and patch management. Common malware sold and distributed will include SCADA functionality, such as Havex’s OPC routine that would fingerprint devices used in industrial networks; and, report this back to users.”
4) Denial of Revenue/Data Breaches Continue – And Expand
“2014 is becoming known as ‘the year of the data breach,’ with significant thefts from stores like Target, Michaels, P.F. Changs, and Home Depot. FortiGuard predicts this trend will continue in 2015, as hackers become more sophisticated; and, find new loopholes for infiltrating retail and financial systems. In the New Year, damages will also extend to denial-of-service on assembly line, factory, ERP/SAP systems, as well as healthcare and building management, creating even more challenges in the way of critical consumer data compromises, revenue losses, and reputation damages for organizations globally.”
5) Rise In Counter Threat Intelligence
“Crime services and solutions have already supported QA for malware, including sample scanning. Fortinet predicts this to extend to support QA for threat intelligence; and, undetected coverage for indicator of compromise (IOC) in 2015. As crime services extend their research and coverage, hackers will utilize the same type of processes for determining the best ways to bypass security systems. For example, current crime services scan malware against vendors’ capabilities to stop it; and give them a score result. As vendors expand from malware detection to threat intelligence correlation, criminals will work to counter this movement with the same type of approaches to find out if their botnet infrastructure is flagged in other intelligence systems as well, and work to hide their tracks.”
Some Other Devious Cyber Threats That Come To Mind — That May, Or May Not Be Possible – I Don’t Know
Some things that I think they missed above: The Internet will continue to balkanize — with “gated-communities,” various levels of encryption and privacy, and more widespread use of industrial-grade stealth malware. Stay-Behinds, Trojan Horses, Stealth Malware, covert exfiltration, false digital trails, denial and deception, and some cyber attack trial balloons may all see measured sophistication in 2015. The Dark Web will get even more dark; and, we’re also likely to see the emergence of an off-the-net cyber militia movement begin to take on a greater presence.
Digital fingerprints, digital DNA, digital identity management, will make it harder for someone to stay hidden; or, masquerade as someone they are not. Digital nano-dust may see a leap-ahead in capability — tagging not only the data; but, the individual who is typing the keystrokes. Digital stay-behinds will become much more insidious and devious, going dormant when someone or some program is trying to out them; and, becoming a digital chameleon — changing or obscuring its digital footprint; and, activating and re-activating — based on target activity and availability, as well as remaining cognizant of when the software or humans are attempting to discover its presence.
Encrypted, covert digital exfiltration methods and techniques will continue to mature; and the increased use of fake or purposeful disinformation and the insertion of that data into adversarial networks — how you see it depends on where you sit — will become more of a problem. Cyber tradecraft will become mandatory. V/R, RCP