Dark Reading is part of the Informa Tech Division of Informa PLC


Partner Perspectives  Connecting marketers to our tech communities.
12/4/2015
02:08 PM
Vincent Weafer

McAfee Labs’ 2016-2020 Threat Predictions, Part 2

Previewing 2020 to inform long-term security strategies.

My last post previewed the threat trends and developments likely to shape the cybersecurity space in 2016. This post revisits the McAfee Labs Threat Predictions Report to preview the 2020 threat landscape and the likely cybersecurity industry responses to it.

The Intel Security report reflects the insights of 21 cybersecurity thought leaders within our McAfee Labs, Office of the CTO, Foundstone Professional Services, and Advanced Threat Research teams. The resulting look ahead attempts to predict how the types of threat actors will change, how attackers’ behaviors and targets will change, and how the industry will meet these challenges over the next five years.

If there’s one underlying message, it is that the future, more than ever, will require security technologies that enable rather than hinder businesses, and collaboration that helps organizations better understand and preempt the threats confronting them over the long term.

Here are some key threat predictions from the report through 2020:

  • Below-the-OS attacks. Attackers could look for weaknesses in firmware and hardware as applications and operating systems are hardened against conventional attacks. The lure would be the broad control attackers can potentially gain through these attacks, as they can conceivably access any number of resources and commandeer administration and control capabilities.
  • Detection evasion. Attackers will attempt to avoid detection by targeting new attack surfaces, employing sophisticated attack methods, and actively evading security technology. Difficult-to-detect attack styles could include fileless threats, encrypted infiltrations, sandbox evasion malware, exploits of remote shell and remote control protocols, and the aforementioned below-the-OS attacks targeting and exploiting master boot records (MBR), BIOS, and firmware.
  • New devices, new attack surfaces. The ease and affordable cost of developing connected devices will fuel an explosion of new products. While there has not yet been a surge in IoT and wearable technology, by 2020 we may see installed bases of these systems reach substantial enough penetration levels that they will attract attackers. To ensure that security and privacy aren’t playing catch-up to innovation, technology vendors and vertical-solution providers will work to establish user education and industry best practices, as well as build security controls into device architectures where appropriate.
  • Cyber espionage goes corporate. As is the case in so many other areas of crime-ware, the dark market for malware code and hacking services could enable cyber espionage malware used in public sector and corporate attacks to be used at scale for financial intelligence-gathering and the manipulation of markets in favor of attackers’ financial interests.
  • Security industry response. The security industry will develop more effective tools to detect and correct sophisticated attacks. Behavioral analytics could be developed to detect irregular user activities that might indicate compromised accounts. Shared threat intelligence is likely to deliver faster and better protection of systems. Automated detection and correction technology promises to protect enterprises from the most common attacks, freeing up IT security staff to focus on the most critical security incidents.

Anticipating and preempting adversary attacks requires that we match the intelligence exchange, cloud computing and delivery power, platform agility, and human resource assets that cyber criminals regularly leverage on the dark Web. To win the battles against future threats, organizations must see more, learn more, detect and respond faster, and fully utilize all the technical and human resources at their disposal.

Long viewed as a security liability, the cloud, together with on-premises defenses, will allow organizations to leverage the power and scale of shared threat intelligence, behavioral analytics, and machine-learning capabilities that would otherwise be beyond their reach.

In our next post, my colleague Michael Sentonas will discuss the cloud’s cybersecurity “silver lining.” This prospect of matching and eclipsing adversaries’ capabilities through cloud-based capabilities is one of many things that have my peers and me optimistically looking forward to 2016, 2020, and beyond.

Vincent Weafer is Senior Vice President of Intel Security, managing more than 350 researchers across 30 countries. He's also responsible for managing millions of sensors across the globe, all dedicated to protecting our customers from the latest cyber threats. Vincent's team ...