Threat Predictions for 2016

The year 2015 will be remembered as the year of Data breach as we witnessed data leaks from Ashley Madison to JP Morgan Chase & Co to Apple. With companies seeing the importance of cyber security in the digital era, eScan team has predicted that 2016 can be alarming. There are several security predictions for the coming year as published in a report by eScan.

Ransomware

Ransomware will be a major threat in the year 2016. It is one of the easiest way for a cyber-criminal to extract money from the victims. In 2015, we witnessed Ransomware-as-a-service (RaaS) hosted on the Tox. This is expected to grow in the coming year as technological prowess cyber-criminals will make an attempt to access it and use it in hacking into user's computer. In addition to it, Ransomware creators would be looking to target new operating system such as Mac and would be looking for an unpredictable encryption key on Linux platforms.

Requirement of Improved Security on IoT Devices

Since the demand for smart devices and other Internet of Things (IoT) device are increasing every day, thus the need for advanced security for these devices has also increased. According to recent statistics, there will be almost 30 billion connected things in major industries and IoT will touch every role across the corporates. Ready devises are going to be in the market. Simultaneously, the attacks against these devices will also rise. Besides, medical device security might become a mainstream topic in 2016. Life-saving devices like pacemakers or insulin pumps can get hacked. Though no such cases have been reported till now, yet the potentiality always remains high. Under the evolving umbrella of mobile health, the hackers might catch up with the latest technologies to cripple them with unlawful activities. Some industries might even begin to develop guidelines that might address the new risks of information use and data ownership presented by IoT.

Increase in sextortion

There would be a rise in "sextortion" attack as scammers believe they can blackmail and threaten to leak personal photographs and videos of celebrities in return of money. This has set the trend of extorting money from them. The Ashley Madison was the most infamous internet scam ever as it opened Pandora box of scams. The hackers were quick to capitalize on Ashely Madison breach by sending impressive coherent spam messages. The Ashley Madison incident was a classic example of Privacy Breach and the registered users are reportedly having a bigger problem of Identity Theft.

Increase in Android threats would be murkier

There will be sharp increase in number of Android exploits in the coming year. The Stagefright vulnerability which was heavily reported in 2015 took Android market into storm. It allowed hackers to take over an Android smartphone by enabling malicious programs into audio files, delivered via MP3 or MP4 format.

Increase in iOS Malware

Apple witnessed security breaches in its App Store, once with the Instagram app- InstaAgent after it was found to store usernames and passwords for Instagram users and sends them to an unknown server. This app was removed from both Google Play Store and Apple Store and prior to that Xcodeghost Malware which infiltrated the App Store. The cyber-criminals created an illegitimate version of Xcode, Apple Software for creating apps, which convinced iOS developers to download. When the apps were developed and downloaded, the attackers were able to steal data of users and send it to servers they control. With millions of apps hosted and tested rigorously in both Apple and Google store, Android allows installation of applications from third-party markets, thus making it easier for cyber-criminals to inject malware into unofficial markets.

Payment systems

To buy something, all you need is cash in your pocket. But thanks to mobile era, Payment systems have been transformed into other forms like Mobile Wallet such as Apple Pay, Android Pay etc. Cyber-criminals would be keen to get their hands on these payment systems and untested financial services.