[December 10, 2014] |
|
AppRiver Presents Top Security Threat Predictions for 2015
AppRiver,
LLC, a leading provider of email messaging and Web security solutions,
today released its list of the top IT security threat predictions for
2015.
AppRiver's security experts actively monitor cyber-risks 24 hours a day,
every day. By scanning millions of messages, they uncover new and
emerging threats in real time, helping AppRiver protect its 47,000
client businesses worldwide.
Based on the company's 12 years of experience blocking spam, viruses and
malware - combined with its most recent threat data - AppRiver predicts
organizations will see the following in 2015:
-
Tried and true malware techniques will continue to evolve-Recent,
highly-effective social engineering ploys such as those utilized in
ransomware will continue to terrorize businesses. The criminals may
begin to get away with less money through awareness and proper backup
procedures by the intended targets, but there will still be plenty of
unsuspecting victims whose data will be at risk and likely
compromised, still costing the business itself.
-
The widening use of individual cloud storage services will begin to
pose a larger risk to businesses-The use of Dropbox, OneDrive,
Box (News - Alert), Google Drive, as well as all of the other cloud storage services
by individuals as a means to more easily access documents in multiple
locations, will pose a greater risk to personal as well as
professional targets as company documents and data comingle with
personal files in the cloud.
-
Point-of-sale (PoS) malware will continue to disrupt big box
stores, retailers and restaurants-2014 proved to be the year of
the breach and that was due to a rash of PoS style malware. The
seemingly simple nature as to how they keep making their way into
these systems is also troublesome and is a sign that these systems
will continue to be major targets throughout 2015.
-
Chip card technology will begin to force some cyber thieves to
change the way they do business-As card issuers are finally moving
to either chip-and-PIN or chip-and-signature technology, we expect to
see several changes in the card fraud landscape. Where previously a
cards magnetic stripe information could be easily stolen and
replicated, cards with chips will not be so easily re-produced. We
expect they will have to rely on transactions where the card is not
required to be presen such as certain online purchases and services.
This move may also result in an increase in identity theft as the
thieves would be able to create and open new accounts in their
victims' names.
-
The bevy of breaches that occurred during 2014 and the abundance of
credit card and other personal information obtained from them will
lead to an increase in spear-phishing and other more targeted attacks-So
much private personal information exists on the cyber underground now
that criminals will now be able to put together very specific personal
profiles of their targets thanks to these breaches and coupled with
further information gleaned from social media. This information will
be integral for highly targeted attacks or to be used in such a way as
to defeat new card technologies.
-
The TOR network and Peer to peer (P2P) networks will see a rise in
use by botnets and benign services as well-More sophisticated
malware will continue to defeat detection by hiding in common services
and using non-traditional forms of communication such as TOR or P2P.
On the other hand Facebook's (News - Alert) new experimental move into the TOR
network may inspire other reputable services to want to provide
anonymous access thereby enticing new users who may have been
unwilling to try them beforehand.
-
The increasing use of wearable technology will begin to be examined
a little deeper as people begin to wonder about where all of the data
that they're processing is ending up-With the ever-expanding
marketplace of health and fitness apps coupled with wearable devices
monitoring our every move, heartbeat, and location continue to gain
popularity, compromised security or just poor privacy settings will
leak this personal data out into the world and people will begin to
wonder where it is all ending up and what it's being used for. Expect
to see a lot of this data being used in target marketing.
-
Unexposed vulnerabilities in widely used platforms and protocols
will continue to be a goal for attackers-This year showed us some
major issues with secure communication like that in SSL as leveraged
by Heartbleed and a long time bug in Bash with Shellshock. The
discovery of vulnerabilities such as these will continue to be a major
goal for attackers and defenders alike.
-
The ever-growing increase in mobility could spell trouble for Bring
Your Own Device policies-Businesses that have very loose or even
no BYOD policies may be in trouble as more and more people are moving
to smart devices where business and personal life and data live side
by side. This could create a sharp increase in lost or compromised
data collected from these devices.
-
Acts of cyber aggression will continue between many nation states
including the U.S. and China, as well as remain a tool of warring
nations-We may not be privy to the majority of these attacks
against infrastructure or corporate espionage between our collective
countries, but evidence suggests that the Internet has become an
important tool in every aspect of our lives including war and
politics. Expect this "boots at home" tactic to remain in the playbook
as a first move in most conflicts whether it be just reconnaissance or
even the disabling of infrastructures and communications.
AppRiver security analysts also believe mobile payment systems will work
aggressively to make digital payments through services such as ApplePay,
Google (News - Alert) Wallet and CurrentC far more secure.
Jon French, security analyst at AppRiver, concludes, "Vendors have been
trying hard to change the way we make transactions - with features such
as Near Field Communication and virtual wallets in our mobile devices.
Unfortunately, its early adoption has left a bit too much to be desired,
thanks to security issues, so we can expect mobile payment systems and
its architectures as a highly likely target of attack."
About AppRiver AppRiver is a Software-as-a-Service (SaaS (News - Alert))
provider offering award-winning email and Web security solutions to
businesses of all sizes. Understanding the need to protect networks from
today's increasingly complex IT threats, AppRiver offers businesses a
comprehensive, yet affordable subscription-based solution that
incorporates the latest spam and virus protection, email encryption and
Web security on the market. In addition, the company provides a complete
managed service for Microsoft (News - Alert) Exchange, as well as a bundled Office 365
solution. Since its inception, AppRiver has sustained an impressive 93%
customer retention rate while growing its customer base to more than
47,000 companies and 8.5 million mailboxes worldwide. The company
maintains offices in Florida, Georgia, Texas, New York, Switzerland and
Spain, and is led by an Ernst & Young Florida Entrepreneur of the Year
award winner. For more information, please visit www.appriver.com.
[ Back To TMCnet.com's Homepage ]
|