Shifting Security Targets in 2016
Shifting Security Targets in 2016

What trends our on the horizon for cybersecurity in 2016?

I was recently asked to contribute my thoughts, alongside a number of other security professionals, to an article in SC Magazine on security predictions for 2016 and beyond. My predictions revolve around the shift in data being targeted and the more prevalent use of ransomware.

It’s my belief that in 2016, we’ll see data breach targets transcend financial information and credit card information. The type of data being targeted by cybercriminals is shifting. As an example, in the article I mention the 2015 breach with the Office of Personnel Management (OPM). Though we’ve talked about the mistakes that led to the OPM breach, the core issue is that it was simply too easy to access this very sensitive data. Data was not archived offline or moved to isolated backend systems, and many basic security protocols were overlooked. Hackers were not after financial data, but sensitive personnel information related to security clearances and government employment. We saw again with the Ashley Madison hack that there are other kinds of data being targeted for other kinds of uses with very serious consequences, including in this case blackmailing, suicides, terminations and public ridicule. It is a breach that Ashley Madison may never recover from.

In 2016, I also believe we’ll see more use of ransomware and Dyre attacks, which became quite popular in this past year. As long as these methods are successful in helping cybercriminals make money, they are going to keep sending out malicious emails. We’re seeing ransomware evolve, as well, with new attacks targeting Android devices and Mac OS X systems.

The article continues with security predictions from other experts, looking into growth in extortion attacks, increased targeting of healthcare data, the creation of open source security policies by the C-Suite, the growing worry about security with Internet of Things, the continued targeting of “people” as the weak link in security, and many more valuable insights. Read the full insights here.

ABOUT THE AUTHOR

Lance Mueller

Lance Mueller was the Director of Incident Response & Forensics at Absolute. In this role, he led a team of information security professionals in security incident response and forensic investigations services.