The state of cybersecurity in the enterprise: 2015

What services and events are predicted to shape malware, security and corporations next year?

glowing-keyboard-hacker-security-620x465.jpg
It's been an interesting year for cybersecurity. High-profile attacks have been launched against the likes of Sony, Target, Staples and a number of US banks; age-old flaws in open frameworks have been exploited -- spawning HeartBleed and Shellshock Bash -- and both corporations and governments around the world have pledged to invest more heavily in cybersecurity.

In the midst of these events, what can we expect next year?

According to predictions released by SentinelOne Labs, OS X and Linux, especially due to the rising adoption rates of Linux in enterprise data centers, will result in more attacks targeted at these systems -- which have been "neglected" by hackers in the past. The Mac operating system has experienced a slow uptake in exploits levied at the system in recent years, but the emergence of zero-day vulnerabilities and the platform's rising enterprise market share may make it worth the while of cybercriminals to try and infiltrate.

Read this

Top tips on hack-proofing your life

From drug cartels to passwords, security expert Brian Krebs weighs in on how to keep your personal data and bank account safe.

The security firm also believes that the success of ransomware campaigns will prompt these types of attacks to continue. Ransomware, which locks computer systems -- often with a fake notice from a government agency -- demand a certain amount of money to be paid in Bitcoin or via PayPal before the system is released to the user. Due to the success rates of these attacks, SentinelOne Labs believes ransomware will be used to coordinate a "time bomb" attack on the enterprise by simultaneously holding hostage multiple resources within an organization. Once malicious software finds its way onto a network, this would force firms to pay a higher price than the general public faces to unlock systems.

Special Feature

Why business leaders must be security leaders

Why do many boards leave IT security primarily to security technicians, and why can’t techies convince their boards to spend scarce cash on protecting stakeholder information? We offer guidance on how to close the IT security governance gap.

Another interesting prediction is a rise in attacks on critical infrastructure. The firm says some attacks that have taken place over the past year were successful in closing down power grids for short periods of time, but these cyberattacks were not disclosed to the public.

It is predicted that Russia will use cyberattacks as a political retaliation tool, and China will also use digital weaponry against countries including the United States and Japan -- as well as other APAC countries and human rights activists. However, the firm believes a newcomer will also join the fold, namely Pakistan. SentinelOne Labs says that the country will expand its activities, mostly against India, by outsourcing the creation of malware and using contractors in cyberwarfare.

In relation to outsourcing such skill sets, it is predicted that 2015 will see Attacks as a Service (AaaS) emerge. While Malware as a Service (MaaS) has existed for some time, and malware kits can be bought freely on the market, AaaS will mean buyers no longer have to patch together malware and other services to carry out a service. Instead, clients will be able to visit a website, select a malware platform, choose targeted information -- such as bank records and credit card numbers -- request a particular infection rate and be in business.

Read on: In the world of security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All