McAfee Labs’ 2016-2020 Threat Predictions, Part 1

Two sets of insights inform near- and long-term security strategies.

Vincent Weafer, Senior Vice President, Intel Security

December 4, 2015

3 Min Read
Dark Reading logo in a gray background | Dark Reading

The best hockey players navigate within the ice rink, grapple with opposing players, take advantage of opportunities when available, and critically, as Wayne Gretzky once said, always skate to where the puck is going to be—not where it has been.

The newly released McAfee Labs Threat Predictions Report offers short- and long-term trend insights for organizations racing to keep pace with and perhaps overtake business and technological change, while continuously fending off a growing variety of cyber threats.

The report predicts key developments on the cyber threat landscape in 2016 and provides unique insights into the expected nature of that landscape through 2020, as well as the IT security industry’s likely response.

It illustrates an ever-evolving threat landscape, where applications and prominent operating systems are hardened to attacks, but attackers shift their crosshairs to less prominent but critical attack surfaces, innovative attack styles, and new device types.

Researchers depict enterprises building out their complex security defenses and comprehensive policies, while attackers target the weak security of employees working remotely. The cybercrime-as-a-service ecosystem discovers, mutates, and sells these advanced capabilities and support infrastructure down to the least sophisticated malicious actors in cyberspace in the burgeoning dark Web.

Here are some key threat predictions from the report for 2016:

  • Hardware. Attacks on all types of hardware and firmware will continue, and the market for tools that make them possible will expand and grow. Virtual machines will be targeted with system firmware rootkits.

  • Ransomware. As it has come to pass in other areas of cybercrime, the true accelerator of ransomware growth will be the availability of ransomware-as-a-service offerings on the dark Web. By lowering barriers to entry into cybercrime, this ecosystem of talent, tools, and infrastructure will enable more criminals to launch more attacks.

  • Attacks through employee systems. Organizations will continue to improve their security postures, implement the latest security technologies, work to hire talented and experienced people, create effective policies, and remain vigilant. Thus, attackers are likely to shift their focus to increasingly attack enterprises through their employees by targeting, among other things, employees’ relatively insecure home systems to gain access to corporate networks.

  • Cloud services. Cyber criminals could seek to exploit weak or ignored corporate security policies established to protect cloud services. Now home to an increasing amount of business-confidential information, such services, if exploited, could compromise organizational business strategies, company portfolio strategies, next-generation innovations, financials, acquisition and divestiture plans, employee data, and other data.

  • Warehouses of stolen data. Stolen personally identifiable information sets are being linked together in big data warehouses, making the combined records more valuable to cyber attackers. The coming year will see the development of an even more robust dark market for stolen personally identifiable information and usernames and passwords.

  • Integrity attacks. One of the most significant new attack vectors will be stealthy, selective compromises to the integrity of systems and data. These attacks involve seizing and modifying transactions or data in favor of the perpetrators such as a malicious party changing the direct deposit settings for a victim’s paychecks and having money deposited into a different account. In 2016, we could witness an integrity attack in the financial sector in which millions of dollars could be stolen by cyber thieves.

  • Sharing threat intelligence. Threat-intelligence sharing among enterprises and security vendors will grow rapidly and mature. Legislative steps may be taken that make it possible for companies and governments to share threat intelligence. The development of best practices in this area will accelerate, metrics for success will emerge to quantify protection improvement, and threat-intelligence cooperatives among industry vendors will expand.

To “beat the puck” on business, technology, and threat landscape realities in 2016 and beyond, organizations will need security strategies that enable them to see more, learn more, and detect and respond faster, all the while fully utilizing the decidedly finite technical and human resources at their disposal.

Stay tuned for my next post, which will revisit the McAfee Labs Threat Predictions Report to preview the 2020 threat landscape and the likely cybersecurity industry responses to it.

About the Author

Vincent Weafer

Senior Vice President, Intel Security

Vincent Weafer is Senior Vice President of Intel Security, managing more than 350 researchers across 30 countries. He's also responsible for managing millions of sensors across the globe, all dedicated to protecting our customers from the latest cyber threats. Vincent's team is dedicated to advancing the research and intelligence gathering capabilities required to provide the latest protection solutions in malware, host and network intrusion, email, vulnerability, regulatory compliance, and web security.

Vincent has an extensive range of experience gained over 25 years in the information technology industry, including 11 years as the leader of Symantec's Security Response team. He is also a highly regarded speaker on Internet security threats and trends, with coverage in national and international press and broadcast media. He has been invited to testify on multiple government committees including the States Senate Committee on the Judiciary hearing on Combating Cyber Crime and Identify Theft in the Digital Age in April 2010, the United States Sentencing Commission's Public Hearing on Identity Theft and Restitution Act of 2008 in March 2009, and the United States Senate Committee on Commerce, Science, and Transportation on Impact and Policy Implications of Spyware onConsumers and Businesses in June 2008. In addition he has presented at many international conferences and was a committee member of the IEEE Industry Connections Study Group (ICSG) 2009-2010, and has also co-authored a book on Internet Security.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights