Blue Coat 2015 Predictions
Matthias YEO (CISSP, CISA, CISM, PMP®)
Chief Technology Officer – Asia Pacific, Blue Coat
PRIVACY AND SECURITY DIG IN FOR A LONG WAR
Encrypted Traffic will Increase… So will Data Breaches – Use of encryption will continue to increase to protect consumer privacy. Malware will increasingly hide behind encryption to evade detection by most enterprises, which are struggling to balance employee privacy against attacks hiding behind encryption. (NOTE: We can reference our ETM report)
BIG MEDIA WILL SAY NO TO MALVERTISING
As Malvertising Increases, Media Companies will Pressure Ad Partners – Major media properties will increasingly display ads from partner networks that host malware. As the risk of infection to visitors of their Web properties increases, these media companies will put more pressure on their ad partners to eliminate malvertising. NOTE: We can highlight various Chris Larsen blogs to showcase examples of malvertising. Here is a list of blogs you may find helpful:
https://www.bluecoat.com/security-blog/2014-11-20/international-scam-network
https://www.bluecoat.com/security-blog/2014-09-30/fake-company-malware-job-applications-craigslist
https://www.bluecoat.com/security-blog/2014-10-12/hacked-japanese-server-used-russian-malnet
https://www.bluecoat.com/security-blog/2014-03-21/la-times-malvertising-again
https://www.bluecoat.com/security-blog/2014-03-21/mobile-malvertising-trend-not-blip
https://www.bluecoat.com/security-blog/2014-01-13/look-early-stages-yahoo-malvertising-attack
2015 will be the year of PUS . . EWW
Potentially unwanted software (PUS) is picking up on mobile devices. Hidden deep down in end-user licensing agreements and frequently missed by users downloading free apps, PUS will increasingly be part of downloads to gather information about your web surfing, in order to “improve your browsing experience,” such as serving you more relevant advertisements. As PUS is increasingly added to free software by developers seeking to monetize their creations, it will slow down, and even destabilize, infected devices.
“ . . . IN UNMARKED BILLS OR YOU WILL NEVER SEE YOUR DATA AGAIN”
Ransomware will Aim Higher and Cost More – Ransomware hit a lot of people in 2014. The logical next step for ransomware creators is to ask, “How can I increase value from my victim?” Blue Coat predicts that the next real targets will be small businesses or small government organizations – entities with hundreds of thousands in their bank account. These attacks will involve conducting reconnaissance on target computers/systems – not just blindly encrypting all the documents. If attackers can access the network storage, they can demand higher ransoms. NOTE: We have a blog we can reference:
https://www.bluecoat.com/security-blog/2014-05-09/hacked-wordpress-sites-lead-exkits-cryptowall
IN YOUR FACE!
Attackers will Get Social – Attack tools will increasingly leverage information from social networks to better customize attacks. Most targeted attacks have a social context, which increases efficacy and is easier to do now. Attackers will exploit their knowledge of target victims to gain access to critical systems and data.
https://www.bluecoat.com/security-blog/2014-02-12/facebook-phishing-tumblr
BIG BROTHER WILL ABSOLUTELY BE WATCHING
The Rise of Espionageware – While it was relatively low in volume in 2014, expect an increase in surveillance software that is created by security companies or nation states to monitor certain people. As international conflicts emerge, these tools will inevitably be used to keep track of what people are doing and whether they’re a security risk or not.
HEARTBLEED, SHELLSHOCK, and POODLE, OH MY…
Vulnerability seekers (researchers, attackers) have had their first taste of “common mode failure” events, where a single defect causes failures to ripple through a system, like Heartbleed and Shellshock, and there’s no going back now. In 2015 we expect to see:
- Increased development and technology costs, as developers start to invest more in code analysis on open source, or move toward commercial alternatives where a 3rd party / licensee can be liable.
- Open source factionalizing, as more “indignant forking” starts to happen, like LibreSSL.
- A slowdown to the pace of innovation overall, as vendors are forced to spend more resources on emergency maintenance releases.
https://www.bluecoat.com/security-blog/2014-04-14/security-analytics-hunt-heartbleed-traffic
https://www.bluecoat.com/security-blog/2014-04-08/widespread-heartbleed-bug-affects-ssl-servers
https://www.bluecoat.com/2014-09-29/botnets-are-making-most-shellshock-bug
https://www.bluecoat.com/security-blog/2014-09-25/shell-shocked