Cyber Security Threats 2015


Cyber Security Threats 2015

From the Target data breach to multiple attacks against Sony and Microsoft, 2014 was an eye opening year in terms of cyber security. CEO’s and board level representatives are now beginning to take the cost of cyber attacks against their companies seriously, and why wouldn’t they – 2014 was a year in which the media was reporting cyber security incidents on a daily basis. But what does 2015 have in store? Will the trending attacks against retailers continue? What emerging technologies might encourage further cyber security attacks? And what do experts predict will cost the most in 2015? Cyber security news looks at the top cyber security threats 2015.

1. Internet of Things

If you haven’t heard about the Internet of Things, where have you been? IoT is the most rapdily rising industry, with further increase predicted over the next 10 years as we move towards smart homes/living. As the number of internet connected devices at your home increase, so does the attack surface of your home network and potential impacts. From a world 5-10 years ago when only one device was connected to your home network, we are now living in an era where all your phones, laptops, tablets, TV’s and even kitchen equipment is connected to the Internet. This trend is set to continue and there has already been a plethora of research into vulnerabilities present on smart home devices and the potential impact that this could have. One particular device to watch out for is smart meters – the ability to control your houses temperature remotely via mobile devices. The security implications of this are huge and security researchers are continuously looking at ways to compromise these systems – the impact of which could result in astronomical heating bills or even overheating and blowing power supplies. With IoT firmly on security researchers agenda, you can bet it will be high up on the priorities of both state sponsored and cyber criminals. Watch out for this research in 2015 and make sure you are securing your home networks appropriately..

2. Sophisticated Malware

As with other years, malware is becoming more and more stealthy and harder to detect. 2015 will see the use of malware writers utilising p2p, darknet and tor communications sytems and distributing malware on a wide scale. Businesses need to start realising that malware is huge business and successful malware writers can earn a lot of money from their labour. The use of dark net and tor to avoid identification will continue and malware writers will continue to develop stronger capabilities to avoid detection. Ransomware is an area of particular concern, with a high rise identified towards the end of 2014. Ransomware, which “locks” users systems and demands payment for unlocking, is commonly infected via file sharing systems such as DropBox and OneDrive. The infected file, once opened, can encrypt both the users system and the file on the cloud storage, leaving the user no choice but to make payment or contact authorities. Our advice, ensure your data is backed up on removable media and only ever download files from drop boxes when you know the sender.

3. State Sponsored Attacks

We have seen state sponsored attacks dramatically increase in the past few years, with potential recent attacks from North Korea towards the back end of 2014. This is a trend that is set to continue in the coming years, with new weapons of choice being cyber attacks rather than physical attacks. With on-going feuds between North Korea and the US, we see this as one of the top cyber security threats 2015.

4. Traditional Vulnerabilities

There are some vulnerabilities and cyber security threats that are timeless – insecure/default passwords, weak encryption etc. These are all set to continue in 2015 and beyond as user awareness is still fundamentally flawed. As any cyber security professional knows, technical controls can only go so far before there is a reliance on the end user to be security aware e.g. not writing down passwords on a post-it note on the screen. The low hanging fruit is still the best way for attacks to propogate and attackers will always look for the easiest route through. This is a cyber security threat in 2015 and beyond!

5. Multiple Threats in Challenging Environments

Our final prediction for cyber security threats in 2015 is quite generic but ultimately, the biggest challenge for security professionals. Traditionally, organisations could take one threat, or risk, and apply controls to mitigate that risk. However, in the new world of cloud and mobile computing this is quickly becoming an impossible task. The number of attack paths is increasing exponentially as technology increases and this is leading to difficulties in addressing risks. Organisations now must consider the threat from remote access, mobile internet, web applications and Cloud storage as well as traditional threats at the network perimeter and end user device. Organisations need to move towards an holistic approach to tackling threats to their network, combining both technologies, processes, people and policies to enforce security controls effectively.

2014 was a big year in terms of documented attacks – iCloud, Target, Sony, Heartbleed and Sandworm to name but a few highly publicised attacks and vulnerabilities. 2015 is set to continue down this road, with a focus on emerging technologies such as IoT. We predict history will continue to repeat itself and highly publicised attacks that cost a lot of money could be easily prevented through simple controls. As this continues to happen, security awareness will increase and the end of 2015 will hopefully see a landscape that is more aware of the impacts of poor cyber security.

About Lee Hazell

Lee Hazell is a cyber security consultant with a keen interest in anything tech or security related. Follow Lee on .

Leave a Reply

Your email address will not be published. Required fields are marked *