McAfee's holiday guide to next year's hacks
- By Zach Noble
- Nov 13, 2015
McAfee's "2016 Threats Predictions" report says cybersecurity professionals will see an explosion of malware threats next year but be ill-equipped to fight them.
What: McAfee Labs' "2016 Threats Predictions" report.
Why: In a two-part report released Nov. 10, McAfee's team surveys the short- and medium-term cyberthreat landscape.
Looking ahead five years, the report predicts that the ongoing explosion of Internet-connected devices will continue to tax an inadequate base of cybersecurity professionals. Malware that targets hardware and firmware vulnerabilities will proliferate, as will tough-to-detect file-less attacks that inject commands directly into memory.
For 2016, the report predicts a host of new attack vectors and says the growth of telework will further complicate security because hackers will target employees at home instead of in their better-protected workplaces.
Among the most insidious attacks that will accelerate next year is the "integrity attack" -- a form of data manipulation that enables widespread theft and erodes trust.
Verbatim: "In 2016, we will witness an integrity attack in the financial sector in which millions of dollars will be stolen by cyber thieves who will modify selected data in the transaction stream, resulting in a significant redirection of payment to anonymized accounts. The detection of that incident and others like it will be very difficult. Integrity attacks can appear to be operational problems, accounting errors, audit issues, acts of a disgruntled employee, or simply dumb mistakes. To compound matters, the tools, mechanisms, and processes currently available and in use are mostly blind to these types of attack."
Read the full report here.
Zach Noble is a former FCW staff writer.