Top 2016 cyber threats we should prepare for

November 20, 2015
Top 2016 cyber threats we should prepare for

It’s hard to say where the next cyber threat will come from, but in order to predict a hacker’s next move, security experts probably have to try and think like a hacker. Why does he hack a device? What information does he need from it? What’s the fastest and easiest way he can get it?

Cybersecurity has become a scary yet fascinating topic, with stories in which hackers can be the villains (usually), or the heroes – at least in the eyes of the ordinary man. One thing is certain: companies (and individual users as well) have to protect their data better than ever.

If you thought smart wearables are completely secure, think again. McAfee Labs – one of the most respectable cybersecurity sources for research and solutions, has released a forecast of threats we should look out for in 2016. For this report, key experts were interviewed and asked to describe the future cybersecurity landscape. The full report takes into consideration a 5-year-span, from 2015 to 2020, but in this section the focus is on threats that will emerge in 2016.

As the report shows, wearables will probably become the preferred targets for hackers in 2016. Technology evolution unfortunately can also mean more possible vulnerabilities. As our devices become more connected, the opportunities to break into our information vault increase. Basically, the smarter the tech we use gets, the more exposed we become.

The wearable threat

Up until now, hackers haven’t really concentrated their efforts on devices that didn’t bring direct access to the user’s accounts. In most cases it wouldn’t have been worth it, but in the past year, device inter-connectivity and mobile payments have become a normality.

Though smartphones and tablets still remain the most important target for hackers – because they usually are the nexus of the user’s IoT environment, wearables will become their access points. Activity trackers, smart watches, and other portables have become a part of our everyday lives. Smartphone and tablet vulnerabilities are debated and fixed through updates whenever a new threat appears. Some updates are specifically built to secure our devices. Unfortunately, not the same can be said about wearables.

According to ABI Research, by 2019 over 780 million wearable devices will be used worldwide. This means 1 wearable device on one of every 10 people on earth. Undoubtedly hackers will begin targeting wearables. A wearable attack won’t provide immediate value, but it could provide a link to the main entrance of the information vault – your smartphone or tablet.

The McAfee Labs report explains: Wearables collect a lot of just simple data, and then feed it to an application on a smartphone or tablet for processing. Most of these devices use Bluetooth LE (low energy) technology, which has suffered a number of very well documented security flaws and likely will produce more with each new version. (Researcher Mike Ryan has done a lot of great research.) Bluetooth is the weak link.

Attack won’t compromise the devices at first, but control apps for compromised wearables are expected in the first 12 to 18 months, according to the report.

The cloud threat

Cloud-based collaboration is convenient and cost effective for any business. It’s only normal that cloud popularity will keep growing significantly in the following years. The concerning part is that businesses share important information in the cloud, like financial data, company portfolio, employee data, and others. This valuable information is more than enough to convince hackers to keep attacking cloud services. Customers are depending entirely on the security capabilities of the providers.

Excerpt from the report: With or without IT’s consent, most businesses use low-cost or free cloud collaboration services, but security details are often not shared; the risk of hacking and data exposure is unknown. Whether using video conferencing and voice mail, project management tools, data storage sites, or cloud-hosted applications, employees can put companies at risk by accessing and storing company data on third-party sites that do not offer proper oversight on security management. The opportunity for attacks targeting the back-end infrastructure to steal information, or listen to private conversations, including your conference meetings, can be exploited.

The automobile threat

Reports from Business Insider and Statista have shown that 12 percent of cars will be connected to the Internet by 2016, and by 2020 there will be over 220 million connected cars on the road. To become connected, a car requires a series of software and hardware features. We might just as well call the features “possible vulnerabilities”. Real events (and experiments) proved that cars can be hacked.

The report concludes: Some threats could already be lurking in automobiles. Non-safety-related threats that invade the privacy of the vehicle’s owner by monitoring its location or listening to conversations using the car’s microphone, or by even recording video using the car’s cameras, could already be happening. We predict that 2016 will be the beginning of attack campaigns that may be discovered only months after the original infections.

Other 2016 threats we should prepare for: ransomware, payment systems, employee systems attacks, cyber espionage.

However, tech evolution is not all bad for security. Experts are obviously learning from the new threats. 2015 has been a challenging year, with many cyberattacks, and plenty of possible case studies on this matter. Until the day of the impenetrable security system comes (if it ever does), our best measure is still to keep our most important data in a safe and unreachable place.

Subscribe to our weekly news digest!

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for subscribing.
We'll be sending you our best soon.
Something went wrong, please try again later