Menu
Internet of Things and cloud feature heavily as security landscape changes

Internet of Things and cloud feature heavily as security landscape changes

As to be expected, the Internet of Things (IoT) and cloud will play heavily in 2016, with new malicious tactics and strategies set to create unique challenges for vendors and organisations alike.

In forecasting the most important trends of the next twelve months, security specialist firm Fortinet predicts the emergence of increasingly sophisticated evasion techniques that will push the boundaries of detection and forensic investigation as hackers face increasing pressure from law enforcement.

“We can see that the security landscape is changing to accommodate for more sophisticated threats and that a ‘tighter’ integration is required for security solutions,” says Jack Chan, Network and Security Strategist, Fortinet New Zealand.

“The wider adoption of the cloud blurs the traditional perimeter which means that security vendors need to be flexible and agile in their offerings.

“While IoT brings immeasurable benefits to our daily lives, it also raises people’s awareness around security.

“Both consumers and business need to work with security vendors/partners they can trust to provide adequate security and make technology ‘worry free’.”

Looking ahead, Chan believes the top cybersecurity trends for 2016 include:

Increased M2M attacks and propagation between devices

Several troublesome proofs of concept made headlines in 2015 demonstrating the vulnerability of IoT devices.

In 2016, though, Chan expects to see further development of exploits and malware that target trusted communication protocols between these devices.

“Researchers anticipate that IoT will become central to “land and expand” attacks in which hackers will take advantage of vulnerabilities in connected consumer devices to get a foothold within the corporate networks and hardware to which they connect,” he adds.

Worms and viruses designed to specifically attack IoT devices

While worms and viruses have been costly and damaging in the past, Chan believes the potential for harm when they can propagate among millions or billions of devices from wearables to medical hardware is orders of magnitude greater.

“Researchers and others have already demonstrated that it is possible to infect headless devices with small amounts of code that can propagate and persist,” Chan adds.

“Worms and viruses that can propagate from device to device are definitely on the radar.”

Attacks on cloud and virtualised infrastructure

The Venom vulnerability that surfaced this year gave a hint about the potential for malware to escape from a hypervisor and access the host operating system in a virtualised environment.

For Chan, growing reliance on virtualisation and both private and hybrid clouds will make these kinds of attacks even more fruitful for cybercriminals.

“At the same time, because so many apps access cloud-based systems, mobile devices running compromised apps can potentially provide a vector for remotely attacking public and private clouds and corporate networks to which they are connected,” he adds.

New techniques that thwart forensic investigations and hide evidence of attacks

Rombertik garnered significant attention in 2015 as one of the first major pieces of “blastware” in the wild.

But while blastware is designed to destroy or disable a system when it is detected, Chan says “ghostware” is designed to erase the indicators of compromise that many security systems are designed to detect.

‘Thus, it can be very difficult for organisations to track the extent of data loss associated with an attack,” he adds.

Malware that can evade even advanced sandboxing technologies

Many organisations have turned to sandboxing to detect hidden or unknown malware by observing the behaviour of suspicious files at runtime.

“Two-faced malware, though, behaves normally while under inspection and then delivers a malicious payload once it has been passed by the sandbox,” Chan adds.

“This can prove quite challenging to detect but can also interfere with threat intelligence mechanisms that rely on sandbox rating systems.”

For Chan, each of these trends represents a “significant and novel challenge” for both organisations deploying security solutions and for vendors developing them.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags FortinetsecurityCloudInternet of ThingsM2Mcyber

Slideshows

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

Ingram Micro completed its nationwide roadshow in Auckland last month, kicking off its Innovation Hour series with Hewlett Packard Enterprise. Uncovering the latest in storage, networking and servers, the event outlined key market trends for resellers in 2016 and beyond.

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise
IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

FireEye welcomed 143 channel partners and distributors to FireEye's 2016 annual Partner Conference, FireEye A/NZ Momentum - held at Establishment in Sydney. Delegates heard from senior trans-Tasman channel leaders, marketing and the product divisions in the morning, with FireEye customers, incident responders and threat intelligence analysts sharing knowledge during the afternoon.

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference
​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

With New Zealand businesses now open to innovation, the industry sits on the cusp of significant disruption in the data centre. Driven by software-defined networking, the future of the data centre is fast becoming reality, as the channel seeks to keep up, keep innovating and keep growing. APC by Schneider Electric, Lenovo and key partners outlined how the channel can capitalise at The Grill restaurant in Auckland.

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​
Show Comments