6 Internet Security Predictions That Will Affect You in 2015
Our analysis on the main IT industry events that took place in 2014 allowed us to provide these Internet security predictions that will most likely affect you not just in 2015, but in the following years.
2014 was the year that saw a series of security events from major data breaches to cyber-criminal attempts and major state interventions. And taking a look back at 2014 and the most important security events and cyber-criminal attacks, we notice some emerging trends that will continue to occur in 2015.
If security events in 2014 shook us all by major data breaches like the Apple iCloud photos leak and the recent Sony Pictures massive hack, new cyber-criminal threats and cyber-espionage by states against states, it is not very difficult to draw some conclusions on what the future may bring.
Data and Privacy Breaches
As we said above, we saw this year two big security attacks on large corporations, the Apple iCloud photos leak and the recent Sony Pictures Massive hack. And it is not the fact that security attacks on large companies are something new, it is rather the scale of retrieved information and the manner in which these attacks took place.
More than anything, private sensitive data which has been stolen and then shared with the entire world was something quite unexpected.
At the end of the day, some of us didn’t know who to judge, the thieves or the celebrities’ compromising photos, the supposed Korean cyber-criminals or the people involved in the Sony Pictures’ internal affairs?
In the end, it is the privacy breach that shook us all and the public display of the retrieved information.
There is no reason for us to expect a stop on these data and privacy breaches.
Our security analysts released an intelligence analysis of software vulnerabilities that indicates a growing problem for the IT industry.
Analyzing the numbers provided, the top 4 pieces of vulnerable 3rd party software in the last years are Oracle Java Runtime environment, Adobe Acrobat Reader, Adobe Flash Player / Plugin and Apple Quicktime.
Leaving aside this particular analysis, it becomes quite clear that we are facing a growing threat for the large companies that may become very easily vulnerable to cyber-criminal threats and fishing attempts.
Heartbleed and Shellshock are some of the worst software vulnerabilities encountered in 2014. Using these security holes, hackers are able to deploy malware and retrieve information from compromised systems.
We can stay informed on software vulnerabilities and install the necessary security patches as soon as they are released, but since software development process only increases all over the online environment, we are pretty sure software vulnerabilities will continue to appear.
Cyber-criminal threats involved in state espionage
The cyber-criminal activities from the last years created a threat background which spread beyond the single individual into the corporate world and even the political sphere.
Nowadays, we are no longer dealing with the single hacker or a small team of hackers trying to steal some private data from a single individual.
We have to admit: a new era of cyber-criminal threats emerged and the major targets are now large companies and corporations.
Since cyber threats proved to be quite reliable weapons in the online sphere, state sponsored cyber-espionage activities started being employed in the external politics to other states, or in some cases towards own citizens.
If we connect the massive state sponsorship of cyber-criminal groups with the technological improvements which resulted in stealth and sophisticated botnets, there shouldn’t surprise anyone the latest discovery of a new spying threat – Regin -, which was apparently developed and used by a nation-state, for large cyber-espionage campaigns to steal sensitive data from governments, corporations and private individuals.
There is no reason for anyone to think these new tools won’t be developed and used in 2015.
We use mobile devices to access our social media accounts, check our e-mail inbox, shop and pay bills.
The increasing level of connectivity between our personal lives and the digital world gives IT criminals a chance to access and retrieve private data and financial information easily.
And if we think about the online scams and threats out there, which appear on social media accounts and we try to make a connection between their spread and our increasing usage of mobile devices at work and in private, we will soon understand that malware is no longer contained on our operating systems, but has already gone into the mobile devices area.
When we refer to mobile devices, we imagine smartphones and especially the Android and iPhone markets. Though for the moment, the malware threats affecting these mobile platforms cannot be compared to those malware attacks that addressed the Windows platform in the recent years, it is more than obvious that malicious software production will target these platforms in the future. And isn’t 2015 the future?
Let’s just imagine what happens if names and phone numbers in your address book or private conversations and sensitive data from your social media account become available to a cyber-criminal mind.
Mobile devices and especially our smartphones are not just great tools and means that improve our lives and simplify it greatly, but they are also potential privacy and security risks which could affect our lives in quite a negative way. How hard could it be for an IT criminal to use private information and sensitive data in our mobile phone against us?
Such an opportunity will not be missed in 2015 or in the years to come.
Social media threats and online attacks will continue to increase in 2015. Since the number of online users will continue to evolve in all the countries around the world, the social platforms will act as delivery mechanisms to retrieve private data or target online businesses.
We predict the main interest for the cyber-criminal actions will still be in finding and removing users’ authentication credentials and personal information from the social media followers.
Collecting private data from an user’s account will help the potential cyber-criminals organize and imagine an online identity for their target before they can deploy an identity theft operation.
Internet of Things (IoT)
Besides the increasing threat landscape in the mobile devices platforms, or rather connected to this connectivity between valuable and sensitive information, we have the present trend of interconnecting our IT devices to gadgets and home devices.
This general spread of malware in all spheres of technology and especially in the online area will result in a greater number of threats. Though some voice s say that 2015 is not the year of the Internet of Things, and that we shouldn’t worry about this now, we think that keeping an open eye on this new privacy and security risk, we create the necessary mentality we need in order to prepare for the future.
Can there be a conclusion for future Internet security predictions?
We have analyzed the main security events that occurred in 2014 and based on our experience, we have managed to draw some conclusions in this present article on where the future of the IT industry will take us. Though it will be a fun road, full of novelties and surprises, it will also be a dangerous path we are about to walk and for that reason, we need to be prepared.
Though our experience taught us people don’t take measures to protect their systems from a potential danger and only prepare themselves when they are confronted by reality, we consider it is our job to create a threat mentality and keep you ready, not only for the present, but also for the future security events and privacy breaches.
Stay safe for another year!
This post was originally published by Aurelian Neagu in December 2014.