2015 predictions: Cyber attacks aimed at critical infrastructure, Attacks as a Service

In 2014, we witnessed the rise of POS malware and ransomware, more targeted, advanced evasion by both cyber crooks and hackers backed by nation states, and government grade malware going mainstream (bolted-on to ransomware and financial Trojans).

So, what can we expect in 2015?

According to SentinelOne, OSX and Linux machines will be targeted way more.

“The massive adoption of Linux in enterprise datacenters and recent uptick in revived variants of Linux malware (i.e. ‘cdorked’) all indicate that this OS will be targeted in the near future. We view the ‘cdorked’ attacks as a proof of concept designed to test the resilience of Linux and the security products used to defend it,” they pointed out.

“As for Mac OS X, it has experienced a long and slow rise in malware attacks – if we exclude the enormous “Flashback” campaign a few years ago. However, the recent emergence of zero day vulnerabilities combined with the platform’s increasing enterprise market share, especially among executives, leads us to believe this will change in 2015.”

The rise of ransomware will continue in the coming year, and will shift to target enterprises.

“We believe ransomware will be used to coordinate a ‘time bomb’ attack on an enter- prise,” they note. “By simultaneously holding hostage multiple resources within an organization, an attacker could temporarily halt operations. The devastating effects of such an attack on a small enterprise, would force most companies to pay a high price for the release of their systems. One successful attack of this nature will produce many more copycat incidents.”

2015 will also be the year when attacks on critical infrastructure become mainstream. “We predict cyber inflicted power outages and irregularities in assembly operations at large manufacturing facilities will result from attacks on SCADA and ICS systems,” they say.

When it comes to threats from nation states, Russia will continue to use cyber-attacks as a political retaliation tool, and China will continue with cyber espionage aimed against the US, Japan, APAC countries and human rights activists. A new big player in this arena will be Pakistan, which “will expand its activities, mostly against India, by outsourcing malware creation and using contractors to build out attacks.”

Finally, the coming year will see the emergence of the “Attacks as a Service” model.

“Buyers will no longer need to patch together malware and other individual cyber- crime for hire services to carry out a campaign. Instead, they will simply visit a website, select the desired malware platform and capabilities to build a Trojan, choose their target assets (online banking credentials, healthcare records, credit card numbers, etc.), request a specific number of infections, pay with an underground money transfer provider or Bitcoin – and be in business,” they shared.