Date: Wednesday, January 28, 2015
FireEye (NASDAQ: FEYE) is a network security company that provides automated threat forensics and dynamic malware protection against advanced cyber threats. This California-headquartered company has a current market cap of $5.04 billion.
In 2014 we saw some of the biggest breaches we've ever witnessed. These breaches cost millions in fraud costs and shareholder value, caused a loss of customer confidence and in some cases led to CEOs, CIOs and CISOs losing their jobs. In reality, what is covered in the press is only a small fraction of the total breaches that took place. In short, 2014 was a bad year for a lot of organizations. As we look forward to 2015, a changing geopolitical situation makes it harder for government organizations to police the malicious activities that exist in cyberspace while more devices and data move online. For bad actors this creates a target-rich attack surface. As we look at recent trends in connectivity, mobile malware and consumer behaviour, here are a few predictions for what could unfold in 2015.
Mobile Ransomware to Steal Your Cloud Accounts & Encrypt the Data
Mobile attacks will employ the Cryptolocker strategy and lock files on your mobile device for a ransom. This model proved effective and easy for attackers on Windows computers, and naive users could be tricked by a similar strategy on their mobile devices. For Android, the Koler ransomware can lock the phone by showing messages such as "All your files are encrypted" due to "viewing/storage and/or dissemination of banned pornography", and asks for a few hundred dollars to unlock it.
Phone based 2-factor Authentication Becomes Inadequate
Attackers may target a victim's PC and phone (e.g., Eurograbber), or just the phone. A well-executed attack can intercept SMS messages used to validate an unknown login, rendering mobile-based 2-factor authentication null. Additional authentication devices could potentially help mitigate this issue; for example, Google has a security USB key for this.
Internet of Things (IoT) & Security Issue
Linux/ELF malware is expected to go after the software that comprises the IoT. In 2014, the QNAP NAS, a storage device, was a perfect example of attackers targeting specific devices with Linux malware. We are likely to see other popular platforms attacked that expose a wide base of users and/or devices. As more vulnerable platforms are discovered, we can expect to see more specialized Linux malware that runs on this class of consumer/SoHo devices.
PoS Attacks Will Increase in Frequency & Hit a Broader Group of Victims
New families of malware will continue to be created, and they will be available to a growing number of cyber-criminals. This should cause attacks to spread to "middle layer" targets like payment processors and companies that manage and maintain PoS devices for both large and mid-sized businesses, where a single successful intrusion could provide access to pools of credit card data from many sources that could rival the numbers we have seen stolen from single large victims thus far. Worst of all, expect to eventually see more and more attacks at both mid-sized and smaller local businesses that have neither the resources to defend against this threat nor the knowledge to detect and mitigate attacks once they occur.
No More AV
IT security organizations will stop paying 'the big guys' for AV outright and move to a strategy of using Microsoft-provided AV as "good enough", especially since it's frequently already paid for as part of organizations' enterprise software agreements. The spending pattern will shift to other endpoint solutions that address advanced detection, response and forensics. As more and more organizations become aware of the need to detect and respond to intrusions, security spending will follow suit.
Surge in the Evolution of Mobile Threats
With Apple Pay joining Android and others in the mobile payment space, and NFC becoming increasingly mainstream, there will be a renewed vigour and focus on cybercrime in the mobile market as criminals prepare to follow the move to mobile payments. For example, FireEye saw Android adware increase from less than 35K in 2012, to more than 300K in 2013, and to more than 410K in the first three quarters of 2014. The top categories of apps that are classified as adware include personalization, entertainment, and lifestyle apps. They have rich information about a user's profile and interests, which makes them ideal candidates for ad targeting.
Cyber Insurance Will Become a Key Part of Cyber Strategies
With high-level breaches, businesses will increasingly look to new methods to marginalize business impact. FireEye predicts that cyber insurance will become the new method to marginalize risk, but this will drive insurers to focus on the assurance of appropriate controls as they validate whether policies should be paid out. All of this will, for the first time, start to give clearer insight into the real hygiene standards in industry and the actual impact levels by industry and geography.