Organizations have been battling cyberthreats for as long as computers have existed, but the flow of headlines related to high-profile data breaches was especially unrelenting in 2015. With another year ahead, now is as good a time as any to assess some of the likely top cyberthreats in 2016, and some of the best ways to defend against them.
Spear-phishing and watering hole scams
A favorite in the hacker's arsenal of cyberattacks is the highly targeted spear-phishing scam. Cybercriminals will most likely continue to rely upon this method in 2016 mainly because it works. What makes phishing so effective is the method of delivery. An office worker might receive a message in his or her inbox requesting that the attached PDF be viewed. In haste, an employee might not verify the source of the email, and download an executable file disguised by Windows' hidden extension feature. This, according to Computerworld, is exactly how one notorious form of ransomware called Cryptolocker does its damage.
Other more highly targeted versions might actually involve hacking an email account and then sending out a blast in an attempt to infect specific targets. What may appear to be an innocuous download request from a trusted co-worker or client is in fact malware. These tactics are extremely effective, as the ability to make a scam seem legitimate is ultimately why so many people fall for them. According to ITProPortal, the majority of successful phishing emails are opened within 24 hours of being sent.
Alternatively, cybercriminals may target their victims through the use of watering hole tactics. Technically, these scams take a page out of phishing's book. Hackers will infect certain webpages with malware that they know a specific target or targets to visit regularly. In doing, they can worm their way into the desired system or network.
Hackers will become more ambitious
It's well-known at this point that many hackers act in groups, and that they can be quite threatening to organizations of all stripes. However, Control Risk's Riskmap 2016 has revealed that a third of all targeted attacks in 2015 gunned for government organizations. Hackers are also going after critical infrastructure, such as the electric grid. In fact, ISIS hackers have actively, albeit unsuccessfully, targeted the U.S. electric grid, according to CNN.
More recently, Ukraine made the claim that hackers were responsible for power outages that took place only a few days before Christmas, according to a recent Forbes article. Cybersecurity specialist Robert M. Lee from the U.S. backed up these claims, stating that malware was in fact discovered on the Prykarpattyaoblenergo – the affected energy provider – network. He told Forbes that while the malware by itself could not have caused the outages, it is very likely to have had some role in the overall scheme.
Stopping cyberthreats in their tracks
Cyberthreats are always serious, but especially when well-known, effective tactics are turned against high-value targets with full force. This is very likely to continue to occur in 2016. As the 2015 U.S. Office of Personnel Management breach has shown – as well as the alleged breach on the Ukraine energy company – no target is too ambitious for cybercriminals. Any and all vulnerabilities will be exploited.
Thus, in 2016, cybersecurity must be sharper than ever. Protecting complex networks is not just a matter of building walls around it; it's a matter of defending it inside and out. Hackers are adept at sneaking in on the heels of authorized users (i.e. via phishing and watering hole scams). Organizations need a way to detect these snoops before they can cause serious damage, or get away with valuable data.
One method that has been used to achieve this is through the use of security information and event management services, or SIEM services. The beauty of SIEM is that it thoroughly monitors network traffic in such a way that truly malevolent threats are quickly flagged, and false positives are swiftly disregarded.
This type of detective cybersecurity will be vital to ensuring the safety of digital assets in 2016. This is especially true now that managed SIEM can be delivered as a cloud-based service. This significantly cuts back on the time to deployment – which traditionally could take up to a full year – while saving IT staff time and organizations money.
Cybercrime in 2016 appear menacing by many projections, and while there is no sure-fire way to prevent a data breach, there SIEM-as-a-service will play a pivotal role in stopping cyberthreats in their tracks.
Cybersecurity news and analysis brought to you by Arctic Wolf, leading provider of managed SIEM services.