Blue Coat 2015 Predictions

Matthias YEO (CISSP, CISA, CISM, PMP®)

Chief Technology Officer – Asia Pacific, Blue Coat

PRIVACY AND SECURITY DIG IN FOR A LONG WAR

Encrypted Traffic will Increase… So will Data Breaches – Use of encryption will continue to increase to protect consumer privacy. Malware will increasingly hide behind encryption to evade detection, while most enterprises struggle to balance employee privacy against attacks hiding behind encryption. (NOTE: We can reference our ETM report)

BIG MEDIA WILL SAY NO TO MALVERTISING

As Malvertising Increases, Media Companies will Pressure Ad Partners – Major media properties will increasingly display ads from partner networks that host malware. As the risk of infection for visitors to their Web properties increases, these media companies will put more pressure on their ad partners to eliminate malvertising. NOTE: We can highlight various Chris Larsen blogs to showcase examples of malvertising. Here is a list of blogs you may find helpful:

https://www.bluecoat.com/security-blog/2014-11-20/international-scam-network

https://www.bluecoat.com/security-blog/2014-09-30/fake-company-malware-job-applications-craigslist

https://www.bluecoat.com/security-blog/2014-10-12/hacked-japanese-server-used-russian-malnet

https://www.bluecoat.com/security-blog/2014-03-21/la-times-malvertising-again

https://www.bluecoat.com/security-blog/2014-03-21/mobile-malvertising-trend-not-blip

https://www.bluecoat.com/security-blog/2014-01-13/look-early-stages-yahoo-malvertising-attack

2015 will be the year of PUS... EWW

Potentially unwanted software (PUS) is picking up on mobile devices. Hidden deep down in end-user licensing agreements and frequently missed by users downloading free apps, PUS will increasingly be part of downloads to gather information about your web surfing, in order to “improve your browsing experience,” such as serving you more relevant advertisements. As PUS is increasingly added to free software by developers seeking to monetize their creations, it will slow down, and even destabilize, infected devices.

“... IN UNMARKED BILLS OR YOU WILL NEVER SEE YOUR DATA AGAIN”

Ransomware will Aim Higher and Cost More – Ransomware hit a lot of people in 2014. The logical next step for ransomware creators is to ask “how can I increase value from my victim?” Blue Coat predicts that the next real targets will be small businesses or small government organizations – entities with hundreds of thousands in their bank account. These attacks will involve conducting reconnaissance on target computers/systems – not just blindly encrypting all the documents. If attackers can access the network storage, they can demand higher ransoms. NOTE: We have a blog we can reference:

https://www.bluecoat.com/security-blog/2014-05-09/hacked-wordpress-sites-lead-exkits-cryptowall

IN YOUR FACE!

Attackers will Get Social – Attack tools will increasingly leverage information from social networks to better customize attacks. Most targeted attacks have a social context, which increases efficacy and is easier to do now. Attackers will exploit their knowledge of target victims to gain access to critical systems and data.

https://www.bluecoat.com/security-blog/2014-02-12/facebook-phishing-tumblr

BIG BROTHER WILL ABSOLUTELY BE WATCHING

The Rise of Espionageware – While it was relatively low in volume in 2014, expect an increase in surveillance software that is created by security companies or nation states to monitor certain people. As international conflicts emerge, these tools will inevitably be used to keep track of what people are doing and whether they’re a security risk or not.

HEARTBLEED, SHELLSHOCK, and POODLE, OH MY…

Heartbleed and Shellshock were “common mode failure” events, where a single defect causes failures to ripple through a system. Vulnerability seekers (researchers, attackers) have had their first taste of this, and there’s no going back now. In 2015 we expect to see:

  • Increased development and technology costs, as developers start to invest more in code analysis on open source, or move toward commercial alternatives where a 3rd party / licensee can be liable.
  • Open source factionalizing, as more “indignant forking” starts to happen, like LibreSSL.
  • A slowdown to the pace of innovation overall, as vendors are forced to spend more resources on emergency maintenance releases.

https://www.bluecoat.com/security-blog/2014-04-14/security-analytics-hunt-heartbleed-traffic

https://www.bluecoat.com/security-blog/2014-04-08/widespread-heartbleed-bug-affects-ssl-servers

https://www.bluecoat.com/security-blog/2014-10-15/backwards-compatibility-exposes-users-web-encryption-bug

https://www.bluecoat.com/2014-09-29/botnets-are-making-most-shellshock-bug

https://www.bluecoat.com/security-blog/2014-09-25/shell-shocked

https://www.bluecoat.com/security-blog/2014-04-30/ssl-visibility-appliance-defeats-logs-heartbleed-attack-attempts