McAfee Labstoday predicted that cyber attacks and security will become stealthier and warns malware will surge up to 75 percent in 2015.
Cyber espionage attacks will continue to increase in frequency as long-term players will become stealthier information gatherers, while newcomers to cyber-attack capabilities will look for ways to steal sensitive information and disrupt their adversaries, the report said.
Cybercriminals will continue to act more like nation-state cyber espionage actors, focusing on monitoring systems and gathering high-value intelligence on individuals, intellectual property, and operational intelligence. McAfee Labs also predicts that more small nation states and terror groups will use cyber warfare.
Ransomware will evolve its methods of propagation, encryption, and the targets it seeks. More mobile devices are likely to suffer attacks. “We predict ransomware variants that manage to evade security software installed on a system will specifically target endpoints that subscribe to cloud-based storage solutions,” it added.
Mobile attacks will continue to grow rapidly as new mobile technologies expand the attack surface.
The growing availability of malware-generation kits and malware source code for mobile devices will lower the barrier to entry for cybercriminals targeting these devices.
In 2015, McAfee Labs predicts malicious parties will seek to extend their ability to avoid detection over long periods, with non-state actors increasingly adopting cyber espionage capabilities for monitoring and collecting valuable data over extended targeted attack campaigns.
The researchers predict more aggressive efforts to identify application, operating system, and network vulnerabilities, and an increasing focus on the limitations of sandboxing technologies as hackers attempt to evade application- and hypervisor-based detection.
“The year 2014 will be remembered as ‘the Year of Shaken Trust,’” said Vincent Weafer, Senior Vice President, McAfee Labs, part of Intel Security. “This unprecedented series of events shook industry confidence in long-standing Internet trust models, consumer confidence in organizations’ abilities to protect their data, and organizations’ confidence in their ability to detect and deflect targeted attacks in a timely manner. Restoring trust in 2015 will require stronger industry collaboration, new standards for a new threat landscape, and new security postures that shrink time-to-detection through the superior use of threat data. Ultimately, we need to get to a security model that’s built-in by design, seamlessly integrated into every device at every layer of the compute stack.”
In the third quarter, McAfee Labs detected more than 307 new threats every minute, or more than five every second, with mobile malware samples growing by 16 percent during the quarter, and overall malware surging by 76 percent year over year. The researchers also identified new attempts to take advantage of Internet trust models, including secure socket layer (SSL) vulnerabilities such as Heartbleed and BERserk, and the continued abuse of digital signatures to disguise malware as legitimate code.