[December 10, 2014]

AppRiver Presents Top Security Threat Predictions for 2015

AppRiver, LLC, a leading provider of email messaging and Web security solutions, today released its list of the top IT security threat predictions for 2015.

AppRiver's security experts actively monitor cyber-risks 24 hours a day, every day. By scanning millions of messages, they uncover new and emerging threats in real time, helping AppRiver protect its 47,000 client businesses worldwide.

Based on the company's 12 years of experience blocking spam, viruses and malware - combined with its most recent threat data - AppRiver predicts organizations will see the following in 2015:

• Tried and true malware techniques will continue to evolve-Recent, highly-effective social engineering ploys such as those utilized in ransomware will continue to terrorize businesses. The criminals may begin to get away with less money through awareness and proper backup procedures by the intended targets, but there will still be plenty of unsuspecting victims whose data will be at risk and likely compromised, still costing the business itself.
• The widening use of individual cloud storage services will begin to pose a larger risk to businesses-The use of Dropbox, OneDrive, Box (News - Alert), Google Drive, as well as all of the other cloud storage services by individuals as a means to more easily access documents in multiple locations, will pose a greater risk to personal as well as professional targets as company documents and data comingle with personal files in the cloud.
• Point-of-sale (PoS) malware will continue to disrupt big box stores, retailers and restaurants-2014 proved to be the year of the breach and that was due to a rash of PoS style malware. The seemingly simple nature as to how they keep making their way into these systems is also troublesome and is a sign that these systems will continue to be major targets throughout 2015.
• Chip card technology will begin to force some cyber thieves to change the way they do business-As card issuers are finally moving to either chip-and-PIN or chip-and-signature technology, we expect to see several changes in the card fraud landscape. Where previously a cards magnetic stripe information could be easily stolen and replicated, cards with chips will not be so easily re-produced. We expect they will have to rely on transactions where the card is not required to be presen such as certain online purchases and services. This move may also result in an increase in identity theft as the thieves would be able to create and open new accounts in their victims' names.
• The bevy of breaches that occurred during 2014 and the abundance of credit card and other personal information obtained from them will lead to an increase in spear-phishing and other more targeted attacks-So much private personal information exists on the cyber underground now that criminals will now be able to put together very specific personal profiles of their targets thanks to these breaches and coupled with further information gleaned from social media. This information will be integral for highly targeted attacks or to be used in such a way as to defeat new card technologies.
• The TOR network and Peer to peer (P2P) networks will see a rise in use by botnets and benign services as well-More sophisticated malware will continue to defeat detection by hiding in common services and using non-traditional forms of communication such as TOR or P2P. On the other hand Facebook's (News - Alert) new experimental move into the TOR network may inspire other reputable services to want to provide anonymous access thereby enticing new users who may have been unwilling to try them beforehand.
• The increasing use of wearable technology will begin to be examined a little deeper as people begin to wonder about where all of the data that they're processing is ending up-With the ever-expanding marketplace of health and fitness apps coupled with wearable devices monitoring our every move, heartbeat, and location continue to gain popularity, compromised security or just poor privacy settings will leak this personal data out into the world and people will begin to wonder where it is all ending up and what it's being used for. Expect to see a lot of this data being used in target marketing.
• Unexposed vulnerabilities in widely used platforms and protocols will continue to be a goal for attackers-This year showed us some major issues with secure communication like that in SSL as leveraged by Heartbleed and a long time bug in Bash with Shellshock. The discovery of vulnerabilities such as these will continue to be a major goal for attackers and defenders alike.
• The ever-growing increase in mobility could spell trouble for Bring Your Own Device policies-Businesses that have very loose or even no BYOD policies may be in trouble as more and more people are moving to smart devices where business and personal life and data live side by side. This could create a sharp increase in lost or compromised data collected from these devices.
• Acts of cyber aggression will continue between many nation states including the U.S. and China, as well as remain a tool of warring nations-We may not be privy to the majority of these attacks against infrastructure or corporate espionage between our collective countries, but evidence suggests that the Internet has become an important tool in every aspect of our lives including war and politics. Expect this "boots at home" tactic to remain in the playbook as a first move in most conflicts whether it be just reconnaissance or even the disabling of infrastructures and communications.

Jon French, security analyst at AppRiver, concludes, "Vendors have been trying hard to change the way we make transactions - with features such as Near Field Communication and virtual wallets in our mobile devices. Unfortunately, its early adoption has left a bit too much to be desired, thanks to security issues, so we can expect mobile payment systems and its architectures as a highly likely target of attack."

About AppRiver
AppRiver is a Software-as-a-Service (SaaS (News - Alert)) provider offering award-winning email and Web security solutions to businesses of all sizes. Understanding the need to protect networks from today's increasingly complex IT threats, AppRiver offers businesses a comprehensive, yet affordable subscription-based solution that incorporates the latest spam and virus protection, email encryption and Web security on the market. In addition, the company provides a complete managed service for Microsoft (News - Alert) Exchange, as well as a bundled Office 365 solution. Since its inception, AppRiver has sustained an impressive 93% customer retention rate while growing its customer base to more than 47,000 companies and 8.5 million mailboxes worldwide. The company maintains offices in Florida, Georgia, Texas, New York, Switzerland and Spain, and is led by an Ernst & Young Florida Entrepreneur of the Year award winner. For more information, please visit www.appriver.com.

[ Back To TMCnet.com's Homepage ]