This blog post was written by Vincent Weafer.
In the McAfee Labs 2016 Threats Predictions report, published today, we developed two distinct views of the future.
For the first section of the report, we interviewed 21 key people within McAfee Labs, Foundstone Professional Services, and the Office of the CTO’s Advanced Threat Research teams. They were asked to look over the horizon and predict how the types of threat actors will change, how attackers’ behaviors and targets will change, and how the industry will respond between now and 2020. They shared unique insights into the expected cyber threat landscape and the security industry’s likely response.
For the second section, we drilled down and made specific predictions about expected threat activity in 2016. Predictions for next year run the gamut from ransomware to attacks on automobiles, and from critical infrastructure attacks to the warehousing and sale of stolen data. Among other things, we:
- Discuss a subtle yet equally impactful form of attack—integrity attacks—that will become more prominent in 2016.
- Explain why better security in the enterprise will lead to more attacks on employees as they work from home.
- Describe changes in the way we pay for things, and their implications.
- Outline why wearables, integrated with smartphones, are an attractive attack vector.
- Highlight positive changes in the sharing of threat intelligence within the private sector and between the private sector and governments.
The report illustrates an ever-evolving threat landscape, in which applications and prominent operating systems are hardened to attacks, but attackers shift their focus to less prominent but critical attack surfaces, innovative attack styles, and new device types. Researchers depict enterprises building out their complex security defenses and comprehensive policies, while attackers target the weak security of employees working remotely. Nation-state actors continue to drive development of the most sophisticated attacks through firmware, espionage malware, and detection evasion.
The cybercrime-as-a-service ecosystem discovers, mutates, and sells these advanced capabilities and support infrastructure to all comers, including the least sophisticated malicious actors, on the burgeoning dark web. And, while courts and legislatures continue to move slowly to protect individuals and organizations, there are the positive prospects of threat intelligence collaboration that provides organizations real advantages versus their adversaries.
This collective view reveals short- and long-term implications for organizations and an IT security industry working to keep pace with business opportunities and technology challenges, while fighting off the threats attackers launch to take advantage of them.