The year 2014 has been a defining year in the information security space as cybercriminals have emerged with greater motivation to not just take over data or device, but have stronger control over the infrastructure. The recent discovery of Regin malware which has been in use since 2008 is a hint of such stealth, where this top-tier espionage tool has already targeted numerous international organisations, including governments, infrastructure operators, businesses, academics and private individuals.
The security threat landscape is visibly undergoing transformation. Attacks are becoming smarter. Internet is becoming a vulnerable platform by the day for enterprises and consumers alike, while becoming a grand stage for cybercriminals to perform elaborate acts. This has made security on internet more complex than ever-indicating that the security community can never rest on its laurels. All indications are that 2015 will bring more of the same, with the struggle between those wishing to create new threats and exploit vulnerabilities and those looking to protect against them likely to intensify.
Mobile devices will become attractive targets
Mobile devices will continue to become a target for cyber attackers especially as they store up a trove of personal and confidential information and are switched on all the time, making them the perfect targets.
Privacy will continue to be sacrificed for mobile apps
As mobile users continue to trade their privacy in exchange for mobile apps, many internet users are reluctant to share banking and personal identifiable information online, others are willing to share information about their location, and mobile device battery life as well as allow access to photos, contact lists and fitness information, all in exchange for mobile apps. They don’t know what they are agreeing to when downloading apps.
Attacks will focus on smart home automation
With smart home automation gaining popularity amongst consumers across Asia Pacific and Japan, Symantec anticipates that commoditised “plug-and-play” consumer devices such as CCTV cameras and remote access controls for alarms, lighting and climate control will be exploited by cybercriminals. Currently, while the embedded and small devices continue to become more prevalent, unfortunately not many of these devices are deployed with internet security in mind. These devices tend to have limited memory and system resources and do not have the computing power of a typical desktop.
The cloud will take us to infinity and beyond
In 2015, we expect to see more and more data hosted in the cloud but as this move occurs, businesses will need to take a closer look at data governance and ensure their data is cleaned before it is hosted in the cloud. Legacy data left unmanaged will continue to accumulate and present a persistent challenge for businesses. For consumers, the cloud in 2015 represents an infinite amount of personal information being hosted remotely and debate around the right to access, control, and protect private data in the cloud will continue to escalate.
Machine learning will be a game changer
A new generation of business platforms is emerging from the convergence of machine learning and big data and it will be a game changer in cybersecurity. Machine learning is a form of deep learning that may be considered as the first step in artificial intelligence. There is a critical need to stay “proactive” against threats, instead of reacting to them and machine learning will help security vendors stay one step ahead of cybercriminals. The ability for machine learning to predict cyber-attacks will improve detection rates.
While the environment is getting connected with the evolution of technology and the inclusion of trends such as big data, cloud and social in day-to-day business, it is also becoming vulnerable to cyber-attacks. The fight against cybercrime cannot be won alone and the security industry together with telecommunication providers and governments are joining forces to beat the war on cyber crime. Especially for India, security is set to be a key component while we work towards realising the vision of creating 100 smart cities.
Sanjay Rohtagi
The writer is president—sales, Symantec India