2016 Cybersecurity Predictions Report Examines Growth in Integrity Attacks

By on

Cybersecurity changes rapidly. Those with valuable insights can better prepare for the shifting risks and opportunities. McAfee has just released the McAfee Labs 2016 Threats Predictions, a report covering both cybersecurity predictions for the coming year as well as a five-year look forward at the changing security field. Collectively, the report paints a picture of a growing technology landscape and the attackers who are maneuvering for an unfair advantage at the expense of others.

I am honored to have contributed to this year’s exercise, collaborating with a stellar group of experienced security experts. Many of the predictions are logical extensions of current attacks, newsworthy events, or tied closely to the growth of technology.

One prediction in particular may surprise people. The growth of integrity attacks could be the unexpected shift that will fuel significant change in perspectives, expectations, and controls.

Unlike denial-of-service attacks, which undermine the availability of entire systems, or data breaches, which steal confidential data, integrity attacks maliciously modify data or transactions.

We have seen a number of cases in which attackers with financial motivations are undermining the integrity of data for their benefit. These types of attacks can be very selective and discrete, making them extremely difficult to detect, prevent, and correct. Perhaps most important, such maneuvers have generated an unexpectedly shocking amount of loss and victims angst.

Banking infrastructure malware Carbanak, which was discovered in 2015, infected banks and selectively modified systems to create a small number of fraudulent transactions that fleeced hundreds of millions of dollars in a single coordinated campaign.

In separate attacks, business victims have seen their email systems tampered with. Fraudulent messages crafted from executives’ accounts to accounts-payable departments instructed money transfers to be made immediately to a third party. These messages were not actually from the executives, but rather from attackers who were able to gain administrative access to the communication tools and use them to send funds to entities they controlled.

Crypto-based ransomware is another example of an integrity attack. Consumers, businesses, and even government agencies have been victimized, with selected files of infected systems encrypted by the attackers and held for ransom. The Cyber Threat Alliance, which includes McAfee, recently published a detailed analysis showing how one such ransomware, CryptoWall, is responsible for taking a staggering $325 million from its victims.

Attacks designed to undermine the integrity of systems and data tend to create emotional distress in victims as they suffer from being targeted in a very personal way. Their family pictures are held for ransom, emails with their addresses are forged, and select transactions from their companies are tampered with. From a security perspective, the current generation of tools is not designed or optimized to protect from such attacks. The resulting impacts may be enough to fundamentally change opinions and expectations of security.

Overall, we at McAfee believe integrity-based attacks will continue to rise in 2016 and beyond, as they are proving lucrative for attackers and troublesome for defenders.

To protect technology, users, data, and digital services, we all must understand the challenges we will face in the future. Download the free report and gain the insights of experts at McAfee.




Leave a Comment

Similar articles

At the end of last year, a survey revealed that the most popular password was still “123456,” followed by “password.” These highly hackable choices are despite years of education around the importance of password security. So, what does this say about people who pick simple passwords? Most likely, they are shooting for a password that is ...
Read Blog
If you’re a gamer, you know how important virtual currency is. It allows you to purchase new costumes and weapons to personalize your avatar. But how does one go about gaining virtual currency? Players complete in-game challenges and are rewarded with coins to spend in their virtual world. These challenges can be pretty difficult and ...
Read Blog
Holiday stress. Every year, come November, my resting heart rate starts to rise: the festive season is approaching. Not only is there so much to do but there’s so much to spend money on. There are presents to purchase, feasts to prepare and party outfits to buy. Throw in a holiday to fill the long ...
Read Blog