FortiGuard Labs: IoT attacks and new evasion techniques will characterise emerging threats in 2016

11 Jan 16

As 2016 approaches, the threat landscape is as dynamic as ever with significant trends in malware and network security becoming more important in daily life. Fortinet’s threat research division, FortiGuard Labs, predicts an interesting year ahead.

The Internet of Things (IoT) and cloud will be targets in the upcoming year but new malicious tactics and strategies will create unique challenges for vendors and organisations alike. FortiGuard also predicts the emergence of increasingly sophisticated evasion techniques that will push the boundaries of detection and forensic investigation as hackers face increasing pressure from law enforcement.

These predictions and more are outlined in the FortiGuard Labs annual New Rules: The Evolving Threat Landscape in 2016 report – registration required.

“With the FortiGuard Labs 2016 predictions,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand’s largest distributor of Fortinet’s network security solutions, “we can see that the security landscape is changing to accommodate for more sophisticated threats and that a ‘tighter’ integration is required for security solutions. The wider adoption of the cloud blurs the traditional perimeter which means that security vendors need to be flexible and agile in their offerings.”

“While IoT brings immeasurable benefits to our daily lives,” he continues, “it also raises people’s awareness around security. Both consumers and business need to work with security vendors/partners they can trust to provide adequate security and make technology ‘worry free’.”

The New Rules: The Evolving Threat Landscape in 2016 report is designed to reveal the new trends and strategies that FortiGuard researchers anticipate cyber criminals will employ in the year to come. Fortinet researched these predictions to arm our customers with the knowledge they need to maintain their advantage in the cybersecurity arms race and proactively change the way all businesses look at their security strategies going into the new year.

The top cybersecurity trends for 2016 include:

Increased M2M attacks and propagation between devices

Several troublesome proofs of concept made headlines in 2015, demonstrating the vulnerability of IoT devices. In 2016, though, we expect to see further development of exploits and malware that target trusted communication protocols between these devices.

FortiGuard researchers anticipate that IoT will become central to “land and expand” attacks in which hackers will take advantage of vulnerabilities in connected consumer devices to get a foothold within the corporate networks and hardware to which they connect.

Worms and viruses designed to specifically attack IoT devices

While worms and viruses have been costly and damaging in the past, the potential for harm when they can propagate among millions or billions of devices from wearables to medical hardware is orders of magnitude greater.

FortiGuard researchers and others have already demonstrated that it is possible to infect headless devices with small amounts of code that can propagate and persist. Worms and viruses that can propagate from device to device are definitely on the radar.

Attacks on cloud and virtualised infrastructure

The Venom vulnerability that surfaced this year gave a hint about the potential for malware to escape from a hypervisor and access the host operating system in a virtualised environment. Growing reliance on virtualisation and both private and hybrid clouds will make these kinds of attacks even more fruitful for cybercriminals.

At the same time, because so many apps access cloud-based systems, mobile devices running compromised apps can potentially provide a vector for remotely attacking public and private clouds and corporate networks to which they are connected.

New techniques that thwart forensic investigations and hide evidence of attacks

Rombertik garnered significant attention in 2015 as one of the first major pieces of “blastware” in the wild. But while blastware is designed to destroy or disable a system when it is detected (and FortiGuard predicts the continued use of this type of malware), “ghostware” is designed to erase the indicators of compromise that many security systems are designed to detect.

Thus, it can be very difficult for organisations to track the extent of data loss associated with an attack.

Malware that can evade even advanced sandboxing technologies

Many organisations have turned to sandboxing to detect hidden or unknown malware by observing the behaviour of suspicious files at runtime. Two-faced malware, though, behaves normally while under inspection and then delivers a malicious payload once it has been passed by the sandbox. This not only proves quite challenging to detect but can also interfere with threat intelligence mechanisms that rely on sandbox rating systems.

Each of these trends represents a significant and novel challenge for both organisations deploying security solutions and for vendors developing them. Fortinet is on the cutting edge of threat research and network security, providing complete network protection from edge to endpoint, continuously updated by FortiGuard and the threat intelligence feeds from millions of devices deployed worldwide.

For further information, please contact:

Hugo Hutchinson, Business Development Manager at Ingram Micro

hugo.hutchinson@ingrammicro.com

P: 09-414-0261 | M: 021-245-8276
