{"id":11610,"date":"2015-12-28T06:00:26","date_gmt":"2015-12-28T14:00:26","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=11610"},"modified":"2016-02-11T11:45:36","modified_gmt":"2016-02-11T19:45:36","slug":"2016-prediction-14-six-predictions-for-asia-pacific","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2015\/12\/2016-prediction-14-six-predictions-for-asia-pacific\/","title":{"rendered":"2016 Prediction #14: Six Cybersecurity Predictions for Asia-Pacific"},"content":{"rendered":"

This is the fourteenth, and final, in our <\/em>series of cybersecurity predictions<\/em><\/a> for 2016. Stay tuned for more through the end of the year.<\/em><\/p>\n

\"Top-10-Predictions-Banner\"<\/span><\/div><\/a><\/p>\n

1. Ransomware<\/h3>\n

Ransomware will continue to evolve its methods of propagation and evasion techniques, hiding its communication and the targets it seeks. As reported by the Cyber Threat Alliance<\/a>, ransomware has been very lucrative for cybercriminals to launch campaigns and, in a short period of time, derive large revenue streams. Today, the value of credit card data is low compared to ransomware, where higher value can be extracted from more victims.<\/p>\n

Research by the Cyber Threat Alliance reported<\/a> that CryptoWall v3 generated more than $325 million for the group behind it. This will drive further versions of ransomware-style attacks to be released, allowing more cybercriminals to extort users to pay the ransom to get the decryption key for their data. We predict seeing this crossing over to other platforms, such as Mac OS X and mobile operating systems.<\/p>\n

2. Sharing of Threat Intelligence<\/h3>\n

Efforts have been around for years to share threat intelligence in some verticals, and we predict that 2016 will mark a year in which the private sector and security vendors look to share more of this than they ever have in Asia-Pacific. Today, many adversaries often write one piece of malware and send it to multiple organisations, with only minor changes made to make it undetectable. However, if we, as a community, can force cyber adversaries to create multiple unique attacks each time, it will force their costs to go up. And if we can share the information, the defender costs go down. The benefits grow exponentially if we automate this process whereby organisations do this in real time, whilst preventing the attacks. Knowing what kinds of actors are targeting you, the tools that they have available, and the tactics they employ allows organisations to defend their networks more effectively.<\/p>\n

Although the debate continues on how effective these regulations will be, Asian governments should look to foster the sharing of threat intelligence, and organisations should think about how they can share in their vertical and go cross vertical in their efforts. We should ensure that there are responsible privacy protections in place for the purpose of identifying, preventing, mitigating and responding to cyberthreats,\u00a0vulnerabilities, and malicious campaigns. The faster organisations can share this information, the better we can serve to protect each other and push the cost back to the attackers.<\/p>\n

We expect this trend to continue, as more organisations begin to realise the benefits of sharing knowledge as a means to unify efforts to fight against cyber intrusions in Asia-Pacific.<\/p>\n

3. Secondary Victim Attacks<\/h3>\n

More and more we are seeing that, when we know the motive of an attack, there is usually a secondary victim. The 2015 Verizon Data Breach Report<\/a> highlighted that adversaries are using third-party websites to deliver their attacks. This often can mean that the person or organisation that experiences the initial breach isn\u2019t the real target but rather a pawn in a bigger attack.<\/p>\n

From the perspective of an attacker, this allows them to take advantage of trust and use the resources of another company for their gain. The most common method seen in Asia Pacific has been \u201cwatering hole attacks\u201d, where an organisation\u2019s website is infected with exploit code to try and infect visitors of their site. We predict that this will continue to rise with more reported incidents coming to light in 2016.<\/p>\n

4. Trust in Our Security Models<\/h3>\n

Over the past few years, cyberattacks have escalated and gotten more aggressive and successful. Not only have we seen it become easier and cheaper to launch successful attacks, it has eroded our digital trust in online systems. That trust also extends itself to the failure of legacy security architectures due, not only to an\u00a0outdated\u00a0assumption\u00a0that\u00a0everything\u00a0on\u00a0the inside of an organisation\u2019s network can\u00a0be trusted, but also the inability of legacy countermeasures to\u00a0provide\u00a0adequate visibility, control and protection. \u00a0We expect to see more organisations adopting new security models, such as \u201cZero Trust,\u201d which is intended\u00a0to\u00a0remedy\u00a0the\u00a0deficiencies\u00a0with perimeter-centric strategies and the legacy devices and technologies used to implement them. It does this by promoting \u201cnever trust, always verify\u201d as its guiding principle.<\/p>\n

This\u00a0differs\u00a0substantially from conventional security models that operate on\u00a0the\u00a0basis\u00a0of\u00a0\u201ctrust\u00a0but\u00a0verify\u201d. Essential security capabilities are deployed in a way that provides policy enforcement and protection for all users, devices, applications and the communications traffic between them, regardless of their location. We expect this will continue across Asia-Pacific in 2016.\u00a0<\/strong><\/p>\n

5. Attacking the Internet of Things<\/h3>\n

Whole\u00a0new categories of digital device are\u00a0getting\u00a0connected to the Internet, from domestic appliances to home security, and the list goes on. Gartner predicts<\/a> the number of connected things will rise from 6.5\u00a0billion in 2015 to almost 21 billion by 2020, growing by a staggering 5.5 million \"things\" each day. \u00a0This will continue to accelerate in 2016. Sadly, we see no reason why these things won\u2019t become a target for cybercrime. During this year we have seen some evidence of this emerging trend, like attacks on cars, smart rifles and many more shown at Black Hat USA in August this year. We don\u2019t expect to see millions of devices compromised in 2016 across Asia-Pacific, but we should be prepared to see more attacks and proofs of concepts trying to exploit these types of devices.\u00a0<\/strong><\/p>\n

6. Cybercrime Legislation<\/h3>\n

Asia-Pacific has often operated under very lax regulations when it comes to cybersecurity. It is a global issue; however, regulations to safeguard businesses and consumers are still evolving around the world. It\u2019s unsurprising that the USA is taking the lead on this front, given the number of high-profile attacks reported to have targeted U.S. firms in recent years. This has resulted in cybersecurity becoming a focus for policy, most recently seeing the introduction of the Cybersecurity Information Sharing Act<\/a> (CISA), which aims to help U.S. companies work with their government to combat hackers. Similarly, the European Union has laid out 14 actions to improve cybersecurity readiness, along with a policy on Critical Information Infrastructure Protection (CIIP),\u00a0<\/a>which aims to strengthen the security and resilience of vital ICT infrastructure by supporting high level preparedness, security and resilience capabilities at a national and EU level.<\/p>\n

We expect that we will see a significant shift in the mindset of governments and regulators in Asia-Pacific to take on an even more active role in protecting the Internet and safeguarding its users. Cybercrime laws will be in discussion, and changes to outdated cybersecurity standards will be mandated to bolster an improved stance on security.<\/p>\n