Headless worms, machine-to-machine attacks, jailbreaking, ghostware and two-faced malware: The language of cybersecurity incites a level of fear that seems appropriate, given all that’s at stake.
In the coming year, hackers will launch increasingly sophisticated attacks on everything from critical infrastructure to medical devices, said Fortinet global security strategist Derek Manky.
“We are facing an arms race in terms of security,” said Manky. Fortinet provides network security software and services, and its customers include carriers, data centers, enterprises, distributed offices and managed security service providers.
Here’s how the 2016 threat landscape looks to some experts:
“Every minute, we are seeing about half a million attack attempts that are happening in cyber space.”
The rise of machine-to-machine attacks
Research company Gartner predicts there will be 6.8 billion connected devices in use in 2016, a 30 percent increase over 2015. By 2020, that number will jump to more than 20 billion connected devices, predicts Gartner. Put another way, for every human being on the planet, there will be between two and three connected devices (based on current U.N. population projections).
The sheer number of connected devices, or the “Internet of Things,” presents an unprecedented opportunity for hackers. “We’re facing a massive problem moving forward for growing attack surface,” said Manky.
“That’s a very large playground for attackers, and consumer and corporate information is swimming in that playground,” he said. Many consumer connected devices do not prioritize security. As they proliferate, expect the number of attacks to skyrocket. “A lot of these products and services, oftentimes security will take a backseat, so it puts a lot of information at risk,” said Manky.
In its 2016 Planning Guide for Security and Risk Management, Gartner puts it like this: “The evolution of cloud and mobile technologies, as well as the emergence of the ‘Internet of Things,’ is elevating the importance of security and risk management as foundations.”
Smartphones present the biggest risk category going forward, said Manky. They are particularly attractive to cybercriminals because of the sheer number in use and multiple vectors of attack, including malicious apps and web browsing.
“We call this drive-by attacks — websites that will fingerprint your phone when you connect to them and understand what that phone is vulnerable to,” said Manky.
Apple devices are still the most secure, said Manky. “Apple’s had a good security policy because of application code review. So that helps, certainly, to filter out a lot of these potential malicious applications before they make it onto the consumer device,” he said.
“With that, nothing is ever safe,” he said.
Are you nurturing a headless worm?
The new year will likely bring entirely new worms and viruses able to propagate from device to device, predicts Fortinet. 2016 will see the first “headless worms” — malicious code — targeting “headless devices” such as smartwatches, smartphones and medical hardware.
“These are nasty bits of code that will float through millions and millions of computers,” said Manky.
Of course, the potential for harm when such threats can multiply across billions of connected devices is orders of magnitude greater.
“The largest we’ve seen to date is about 15 million infected machines controlled by one network with an attack surface of 20 billion devices. Certainly that number can easily spike to 50 million or more,” said Manky. “You can suddenly have a massive outage globally in terms of all these consumer devices just simply dying and going down.”
Jailbreaking the cloud
Expect a proliferation of attacks on cloud and cloud infrastructure, including so-called virtual machines, which are software-based computers. There will be malware specifically built to crack these cloud-based systems.
“Growing reliance on virtualization and both private and hybrid clouds will make these kinds of attacks even more fruitful for cybercriminals,” according to Fortinet.
At the same time, because apps rely on the cloud, mobile devices running compromised apps will provide a way for hackers to remotely attack public and private clouds and access corporate networks.
Hackers will use ghostware to conceal attacks
As law enforcement boosts its forensic capabilities, hackers will adapt to evade detection. Malware designed to penetrate networks, steal information, then cover up its tracks will emerge in 2016. So-called ghostware will make it extremely difficult for companies to track exactly how much data has been compromised, and hinder the ability of law enforcement to prosecute cybercriminals.
“The attacker and the adversaries are getting much more intelligent now,” said Manky.
Alongside ghostware, cybercriminals will continue to employ so-called “blastware,” which destroys or disables a system when detected. “Blastware can be used to take out things like critical infrastructure, and it’s much more of a damaging attack,” he said.
“Because attackers may circumvent preventative controls, detection and response capabilities are becoming increasingly critical,” advises Gartner in its report.