By now, digital crime has become so commonplace that news of a new attack is often met with the same level of excitement as a weather report. Unfortunately, this constant influx of bad news masks another, more insidious reality in this horrible state of affairs – cyber-attacks are changing. Like every tech-related industry, cyber-crime is in a state of continual evolution.
Knowing where this evolution might take us is the first step to defending ourselves against it. So with that in mind, here are a few ways cyberattacks will likely evolve in 2016 – and what that means for you as we move towards 2017.
APDoS Attacks Rise to Prominence
Advanced persistent denial of service attacks – essentially massive DDoS attacks followed by repeated SQL injection and XSS attacks – will become the standard operating procedure of many criminal groups in 2016, hacktivist collectives especially. Such attacks are both relatively easy to execute and relatively difficult to mitigate, as they are often spread across as many as five different attack vectors, and may involve up to tens of millions of requests per second, spread over several weeks.
The prevalence of APDoS attacks will drive demand in the security industry for more multifaceted solutions, capable of protecting multiple attack vectors at once.
The Birth of Permanent Denial-of-Service Attacks
Loosely-known as phlashing, a Permanent Denial-of-Service attack is one that damages a system so severely that its owner must replace or reinstall their hardware. Through the exploitation of security flaws or misconfigured systems, PDoS attacks can wipe firmware, destroy basic functions, or even overload systems to the point that the hardware becomes damaged.
Defending against PDoS attacks will require an intimate knowledge of your systems and their vulnerabilities – as well as how best to mitigate those vulnerabilities.
The Internet of Zombies
The Internet of Things has the potential to change workplaces, businesses, and even lives. Through embedded sensor technology, smart devices can connect with us on an entirely new level. Businesses are far from blind to the potential here, and by 2020, Gartner predicts that there will be 21 billion connected devices in the world.
Unfortunately, many of the organizations now manufacturing ‘smart’ devices have no real background in digital security. Coupled with a lagging regulatory environment and a lack of best practices, this means that the security on most IoT devices is abysmal. Expect privacy violators to target IoT devices with increasing frequency, while hacktivists and criminal organizations tap into them to create botnets larger than any yet seen.
Ransomware and RansomDOS Continue to Grow
2015 was a flagship year for Ransomware, which saw ransomware attacks increase in both frequency and creativity. At present, there is no reason to expect this trend will cease, as both Ransomware and RansomDOS attacks provide superior returns for the minimal amount of effort they often require. We predict that cloud companies in particular will be prime targets for these attack methods as we move forward through 2016.
2016 won’t just bring change to the attack landscape of the digital world – it will also bring other, more positive trends. To learn more about those trends – and to read more about how you can defend yourself from evolving cyber-attacks – download the Radware Global Application & Network Security Report.