Get A Glimpse Of The Cyber Threat Landscape For 2016 And Beyond | Hacked: Hacking Finance

Get A Glimpse Of The Cyber Threat Landscape For 2016 And Beyond


Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.


Bitcoin Giant Bitmain Enters the High Stakes AI Race 27th August, 2017

Three Country Exchange Traded Funds Offer Potential For Investors 27th August, 2017


Get A Glimpse Of The Cyber Threat Landscape For 2016 And Beyond

Posted on .
This article was posted on Thursday, 14:06, UTC.

Cybercriminals won’t be letting up their attacks on hardware and firmware in 2016, and the security industry will be working harder to meet the growing challenge. According to the recently released McAfee Labs Threat Predictions Report, threats will expand to virtual machines, wearables, and other surfaces. The report explores developments in the cyber threat landscape and assesses threats expected in 2016 through 2020.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

logo-intel-security-2The report includes opinions from 33 Intel Security thought leaders and is designed to help organizations address threats as they currently exist and will change in the future, said Vincent Weafer, vice president of Intel Security’s McAfee Labs.

Coming In 2016

The 2016 predictions covers threats from ransomware, infrastructure attacks, attacks on automobile systems and the sale and warehousing of stolen data.

Hardware: Attacks on hardware and firmware will continue while the market for the tools that facilitate them will increase. System firmware toolkits could target virtual machines.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Ransomware: Ransomware is a growing threat that could anonymize payment methods and networks. More inexperienced cybercriminals will use ransomware-as-a-service.

Wearables: Most wearable devices store only small amounts of information, but cybercriminals could target them to undermine the smartphones that manage them. The industry will have to protect attack surfaces like networking and wi-fi software, operating system kernels, memory, user interfaces, storage systems and local files, web apps, virtual machines and security and access control software.

Employee systems: Attackers are likely to target organizations through their employees, including their home security systems, to access corporate networks. Organizations will have to stay vigilant by implementing new security technologies, create effective policies and hire experienced people.

Cloud services: Attackers could exploit vulnerable security policies that protect cloud services. These services could undermine business strategy, financials, portfolio strategies, next-generation innovations, employee data, acquisition and divestiture plans, and other data.

Automobiles: Connected automobile systems that lack security capabilities will be potential scenarios for exploitation. Automakers and IT vendors will partner to provide standards and solutions to protect attack surfaces like engine and transmission engine control units (ECUs), remote key systems, advanced driver assistance system ECUs, passive keyless entry, USBs, OBD IIs, V2X receiver, smartphone access and remote link type apps.

Warehouses of stolen data: The dark market for stolen, personally-identifiable information and user names and passwords will increase in 2016. Big data warehouses that link together stolen, personally-identifiable information sets make combined records more valuable to attackers.

Integrity attacks: Selective compromises to systems and data mark one of the most significant new attack vectors. Such attacks seize and modify transactions or data to favor perpetrators. An attacker can change direct deposit settings for a victim’s paychecks and direct the deposit to a different account. Cyber thieves could steal millions of dollars in an integrity attack in the financial sector in 2016, McAfee Labs predicts.

Sharing threat intelligence: Enterprises and security vendors will increasingly share intelligence. Legislative action could allow governments and companies to share threat intelligence. Best practices in this area will increase, allowing success metrics to emerge and quantify protection improvement. Threat intelligence cooperatives among vendors will grow.

Also read: Global survey quantifies exploding cybersecurity initiatives

Looking To 2020

Looking to 2020, McAfee Lab explores how threat actors will change, how their behaviors and targets will shift and how the industry can meet the challenges.

Below-the-OS attacks: Attackers could seek vulnerabilities in firmware and hardware as operating systems and applications strengthen against more conventional attacks. Attackers could access resources and gain control of administration and control capabilities, giving them broad control.

Detection evasion: Attackers will target new attack surfaces to avoid detection. Difficult-to-detect styles will include encrypted infiltrations, file-less threats, exploits of remote shell and remote control protocols, sandbox evasion malware, and below-the-OS attacks that target and exploit BIOs, master boot records (MBR) and firmware.

New devices and attack surfaces: There has not been a surge in wearable and IoT attacks, but by 2020 there could be install bases of such systems that reach penetration levels substantial enough to attract attackers. Virtual solution providers and technology vendors will seek to establish safety guidance and industry best practices. They will also build security controls into device architectures.

Cyberespionage goes corporate: The dark market for hacking services and malware code could allow cyberespionage malware to find use in corporate and public sector attacks for market manipulation and financial intelligence gathering to favor the attackers.

Privacy challenges and opportunities: The value and volume of personal digital data will expand and attract cyber criminals. This could lead to new global privacy regulations. Individuals will seek and gain compensation for sharing data. A market will develop from this “value exchange” and it could change the way individuals and organizations manage digital privacy.

Security industry response: The industry will create more effective tools to correct and detect sophisticated attacks. Behavior analytics could evolve to identify irregular actions that could indicate compromised accounts. Shared intelligence will likely provide better and faster protection capabilities. Cloud-integrated security could enhance control and visibility. Automated correction and detection technology portends the ability to protect enterprises from common attacks and free IT security staff to focus on the most critical security incidents.

Organizations Must Take Action

To succeed in preventing future threats, organizations have to see more learn more, detect and respond faster, said Weafer. Organizations have to fully utilize all human and technical resources available to them.

Readers can access the full report here.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.

Feedback or Requests?

Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.

  • user

    AUTHOR Al Kyda

    Posted on 3:40 am November 13, 2015.

    What about AI getting out of control? Like the Morris worm, only smarter.

  • View Comments (1) ...
    The team:
    Dmitriy Lavrov
    Dmitriy Lavrov is a professional trader, technical analyst and money manager with 10 years of trading experience. He covers Forex, Commodities and Cryptocurrencies. He is among the top 10 most Read More
    Jonas Borchgrevink
    Jonas Borchgrevink is the founder of and He is a serial entrepreneur, trader and investor. He shares his own personal journey on // -- Discuss and ask Read More
    Mate Csar
    Trader and financial analyst, with 10 years of experience in the field. An expert in technical analysis and risk management, but also an avid practitioner of value investment and passive Read More
    Mati Greenspan
    Senior Market Analyst at // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Important: Never invest Read More
    Rakesh Upadhyay
    Rakesh Upadhyay is a Technical Analyst and Portfolio Consultant for The Summit Group. He has more than a decade of experience as a private trader. His philosophy is to use Read More
    Pamela Meropiali
    Account Manager
    Pamela Meropiali is responsible for users on // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Read More
    Joseph Young
    Joseph Young is a finance and tech journalist & analyst based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering Read More
    InstaAgent was an app in both the Apple App Store…