Kuala Lumpur, Malaysia, May 30, 2015 --(PR.com
)-- The following are excerpts from the interview:
Krishna, what are your top ten predictions for security trend in 2015?
In terms of the top ten, the first thing we’re looking at is, we think that users are still going to be targeted but then users will be victims of cyber attacks but they will not be direct targets. So criminals are not going to be targeting your Windows PC at home, rather they are going to be targeting larger corporations that have your information.
Number two, we are going to see more and more darknets coming up. Criminals are going to be shielding behind these darknets, as I said the retail prices of stolen credentials are dropping and these guys have to go to greater lengths to shield themselves and shield their customers as well.
The third thing we think is it’s mobile, mobile, mobile. Everything we think of in 2014 is going to have a mobile twist. So there’s going to be more and more. In 2014, there were a lot of browser based exploits but in 2015 it’s going to be mobile based exploits. There will be exploit kits targeted for mobiles. So somebody could be selling a set of exploits that are targeting Android for a $100. If you buy this two out of three times, you’re probably getting into an Android phone.
Number four is, we are going to have new kids on the block. See in 2014, 2013, whenever you say Advanced Persistent Threats, we’re talking about Russia, China and the US. But in 2015, we’re going to be talking about new kids on the block, countries like Malaysia, Indonesia, Thailand and maybe Sri Lanka and Singapore are going to be targets.
Next thing, number five, I think with this whole trend of NFC going on, I think the NFC based solutions are going to give us a new threat; especially with Google wallet. As soon as Google Wallet came out there was a fake Android vulnerability targeting the Google Wallet. Now with Apple Pay coming along the way, you will find that there is a lot of focus on this and specially with your credit cards in there, people are going to be targeting that.
Number six. In 2014 we had all kinds of stuff. The heart was bleeding, the shell was shocking, we had Poodles and we had all kinds of big vulnerabilities, legacy vulnerabilities that took surface in this year. We think that is going to continue and they are going to have more new vulnerabilities targeting legacy systems, open-source systems. Open source is going to be the biggest target for 2015, at least for now.
Number seven, I think banks and Telcos are still going to be targets of cybercriminals because that’s where the door is, that’s where the Muller is and there is going to be more and more of advanced malware.
Number eight, I would say is that the new digital gold mine is information and it’s all about information. That is the key and that’s cash so there is going to be increasing insider threats. (That’s the real digital currency in a way). You will find direct insider threats and indirect insider threats, outsiders making use of your staffs to steal information so you will need Data Loss Prevention.
And of course number nine; there is a lot of talk on Internet of Things, different devices. Here’s my take on this, we think Internet of Things will be targeted but hackers are not going to be targeting their vulnerabilities because the variety of technology is just too wide for them to come out with an exploit that will work on two three things. So what they are going to be doing is targeting the data that will be moving from one device to another and exposing that data.
The last thing is people say ‘old is gold’. So the old attacks are going to have a new WEP2 point of twist to it. So injections, Cross-site scripting but with a WEP2 twist to it. So we’re going to see them targeting new areas, so we’re going to have XPath Injection and those kinds of things that are going to be popular in 2015.
About AKATI Consulting
AKATI Consulting Group (“AKATI”) is a security-focused consulting firm providing services specializing in Information Security and Information Forensics. It operates in 5 continents with over 300 clients and serves a wide range of clients, offering reliable solutions with reliable technologies that guarantee results. Top banks in the world, military and some of the most hostile environments in the globe trust AKATI as their Trusted Security Advisor.