2016 is a new frontier for cybersecurity, but based on what happened in 2015, it’s safe to say that past incidents will continue this year. Here are four cybersecurity trends we expect to see in 2016:
The Growing Threat of Ransomware
Ransomware encrypts data on user machines to prevent access until the user pays to release the encryption. In other words, ransomware holds user data hostage and demands a ransom to free it. These attacks are becoming more and more common, even extorting money from police departments. Ransomware can affect both ordinary computers and phones—and it won’t be long until Internet of Things devices face the same alarming consequences.
The best defense against ransomware is to make frequent data backups. That way, once ransomware has encrypted a user's data, the user can simply restore from his or her most recent backup rather than pay the ransom. Of course, many users fail to back up their data on a regular basis. But as ransomware becomes more common, so may the practice of making backups.
Hacktivist and Terrorist Cyber Attackers
2016 is a presidential election year. That means hacktivists—politically motivated hackers—will have plenty of new opportunities to bring attention to their causes by focusing on politicians or rival political groups. All the media attention on the elections can be turned into media attention on hacks if hacktivists are able to compromise targets associated with the political races.
Terrorist hackers are another threat to cybersecurity. In 2015, supporters of the Islamic State took over social media accounts for the U.S. military's Central Command. The terrorist hackers published home addresses, email addresses, and other personal information of many former generals. Also in 2015, a U.S. drone strike killed an Islamic State hacker who was once associated with Anonymous. With such high stakes, it should be no surprise to assume that there will be more terrorist hackers making headlines in 2016.
Malvertising Becoming More Difficult to Spot
Malvertising, or malicious advertising, uses online advertising to propagate malware. With billions of ad impressions created every year by ads, advertising serves as a powerful platform through which hackers can spread their dangerous attacks. Malvertising can include pop-up software ads that promise to help but actually damage systems, drive-by downloads, Flash-based attacks, and more. It’s a relatively recent phenomenon, but users who don’t use ad-blockers can expect to encounter more sophisticated—and more difficult to spot—attacks.
Regulations on Encryption May Increase
Ever since the Snowden disclosures about the National Security Agency, encryption has been a controversial topic in political discussions across the country, such as whether or not ordinary users should be able to encrypt their data without backdoors for law enforcement to get around. The encoding issue has even been a question during the presidential primary debates. With all this attention on the topic, it is certainly a strong possibility that Congress could pass new laws regulating the use of encryption. But just what form the laws take remains to be seen.
Other Cybersecurity Trends
In addition to these four trends, we predict that known vulnerabilities will be exploited more frequently, insider threats will become more dangerous, vulnerabilities in critical infrastructure will lead to major breaches, and more attention will be paid to compliance regulations. Organizations can use EiQ products such as SOCVue, a managed security service that provides network security monitoring, log management, and SIEM to help in-house security teams prevent future attacks.
More and more, organizations who were previously understaffed, underbudgeted, and overwhelmed are finding that EiQ’s hybrid SaaS security services that combine the best people, process, and technology are a welcome change from going it alone. EiQ is transforming how mid-market organizations build enterprise-class security programs. Acting as an extension of our customers’ IT teams, EiQ’s SOCVue provides continuous security operations based on best-of-breed technology at a fraction of the cost of alternative solutions. EiQ is a trusted advisor to organizations that need to improve their IT security and compliance posture by protecting their infrastructure against cyber threats and vulnerabilities. To learn more, please request a demo today!