Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
© 2015 Imperva, Inc. All rights reserved.
Top Cyber Security Trends
for 2016
Amichai Shulman, CTO, Imperva
December 16, 20...
© 2015 Imperva, Inc. All rights reserved.
Amichai Shulman – CTO, Imperva
•  Speaker at industry events
–  RSA, Appsec, Inf...
© 2015 Imperva, Inc. All rights reserved.
Agenda
•  Introduction
•  2015 Forecast Score Card
•  2016 Cyber Security Trends...
© 2015 Imperva, Inc. All rights reserved.
2015 Score Card
4
Trend Score
1 Targeted attacks change their nature	
   A
2 Pat...
© 2015 Imperva, Inc. All rights reserved.
2016 Cyber Security Trend #1:
IoT / BoT - Botnet of Things
1
5
© 2015 Imperva, Inc. All rights reserved.
BoT - Botnet of Things
6
© 2015 Imperva, Inc. All rights reserved.
Hacking the Fridge
7
© 2015 Imperva, Inc. All rights reserved.
Asking the Right Question
•  Can someone hack my toaster?
8
© 2015 Imperva, Inc. All rights reserved.
Asking the Right Question
•  Can someone hack my toaster? •  Can my network be a...
The Internet
of Things
A dramatic increase in
networked devices leads
to more opportunities for
ATTACK
The Internet
of Thi...
© 2015 Imperva, Inc. All rights reserved.
BoT - Botnet of Things
•  Connected IoT devices will never have “adequate” secur...
© 2015 Imperva, Inc. All rights reserved.
Our Prediction
•  More people talking about the wrong problems
•  More “IoT” bas...
© 2015 Imperva, Inc. All rights reserved.
2016 Cyber Security Trend #2:
Rise of Insider Threat
2
13
© 2015 Imperva, Inc. All rights reserved.
Rise of Insider Threat
14
Globally 89% of respondents felt that their organizati...
MaliciousCarelessCompromised
© 2015 Imperva, Inc. All rights reserved.
Outside In
•  Personal attack surface is growing
–  Social, mobile, IoE
–  We ar...
© 2015 Imperva, Inc. All rights reserved.
Inside Out
•  Shadow IT
–  Unmanaged Database servers
–  Partly commissioned Saa...
© 2015 Imperva, Inc. All rights reserved.
Our Predictions
•  Decrease in detection rates
–  Most solutions look for the to...
© 2015 Imperva, Inc. All rights reserved.
2016 Cyber Security Trend #3:
Data Security for the Big and Small
3
19
© 2015 Imperva, Inc. All rights reserved.
Big Breaches = Big Price Tag
•  Cost of data breach is higher than anticipated
–...
© 2015 Imperva, Inc. All rights reserved.
Big Breaches Start Small
•  Target breach started with a
compromised HVAC compan...
© 2015 Imperva, Inc. All rights reserved.
Smaller Companies are Targets
•  While sophisticated, targeted attacks do exists...
© 2015 Imperva, Inc. All rights reserved.
Cyber Insurance is Not a Silver Bullet
•  Big breaches leave some of the costs u...
© 2015 Imperva, Inc. All rights reserved.
Our Predictions
•  Continuing on our previous prediction – smaller organizations...
© 2015 Imperva, Inc. All rights reserved.
2016 Cyber Security Trend #4:
SSL More of a Problem than a Solution?
4
25
© 2015 Imperva, Inc. All rights reserved.
Subversion of Free SSL Certificates for Malware
26
© 2015 Imperva, Inc. All rights reserved.
Subversion of Free SSL Certificates for Malware
•  Easier to encrypt C&C communi...
© 2015 Imperva, Inc. All rights reserved.
What (else) Could Possibly Go Wrong?
•  eDellRoot
•  Logjam
•  Schannel TLS Trip...
© 2015 Imperva, Inc. All rights reserved.
A Note on HTTP/2
•  Major complex revision of HTTP protocol
–  Keep semantics bu...
© 2015 Imperva, Inc. All rights reserved.
Our Predictions
•  Continuous growth in SSL implementation and design vulnerabil...
© 2015 Imperva, Inc. All rights reserved.
2016 Cyber Security Trend #5:
Ransomware/Blackmail – Flourishing
Business
5
31
© 2015 Imperva, Inc. All rights reserved.
Ransomware Business on Personal Devices
32
© 2015 Imperva, Inc. All rights reserved.
Ransomware Business on Personal Devices
33
•  CryptoWall 4.0 – enhanced and hard...
© 2015 Imperva, Inc. All rights reserved.
Ransom/Blackmail on Enterprises
34
© 2015 Imperva, Inc. All rights reserved.
DDoS as a Service
35
© 2015 Imperva, Inc. All rights reserved.
DDoS as a Service
•  Ransoms with threats of DDoS Attacks
•  Based on low end DD...
© 2015 Imperva, Inc. All rights reserved.
Our Predictions
•  Unless authorities step in this is going to grow
•  May spill...
© 2015 Imperva, Inc. All rights reserved.
Summary
6
38
© 2015 Imperva, Inc. All rights reserved.
Our 2016 Predictions
•  IoT will start taking its toll on enterprises and indivi...
© 2015 Imperva, Inc. All rights reserved.
Our 2016 Predictions (cont.)
•  Continuous decay in security value of SSL
–  Cou...
© 2015 Imperva, Inc. All rights reserved.
Recommendations
•  Cyber space is not going to become more secure this year
•  E...
Top Cyber Security Trends for 2016
Upcoming SlideShare
Loading in …5
×

Top Cyber Security Trends for 2016

18,597 views

Published on

With mega-breaches like Anthem, OPM, IRS, Ashley Madison, UCLA Health and TalkTalk all within the past 12 months, chances are your data has been targeted. What does this mean for 2016?
Review this presentation and learn:
• Why cyber attacks continue to increase in sophistication, magnitude and velocity
• What trends will have the largest and smallest impact on cyber security in 2016
• Why cloud-based apps and the Internet of Things have transformed cyber security
• How you can protect your organization from attacks from the inside

Published in: Technology

Top Cyber Security Trends for 2016

  1. 1. © 2015 Imperva, Inc. All rights reserved. Top Cyber Security Trends for 2016 Amichai Shulman, CTO, Imperva December 16, 2015
  2. 2. © 2015 Imperva, Inc. All rights reserved. Amichai Shulman – CTO, Imperva •  Speaker at industry events –  RSA, Appsec, Info Security UK, Black Hat •  Lecturer on information security –  Technion - Israel Institute of Technology •  Former security consultant to banks and financial services firms •  Leads the Imperva Application Defense Center (ADC) –  Discovered over 20 commercial application vulnerabilities –  Credited by Oracle, MSSQL, IBM and Others 2 Amichai Shulman one of InfoWorld’s “Top 25 CTOs”
  3. 3. © 2015 Imperva, Inc. All rights reserved. Agenda •  Introduction •  2015 Forecast Score Card •  2016 Cyber Security Trends •  Summary and Conclusion •  Q&A 3
  4. 4. © 2015 Imperva, Inc. All rights reserved. 2015 Score Card 4 Trend Score 1 Targeted attacks change their nature   A 2 Patching is going to become impossible A- 3 DDoS is growing at the Internet rate A 4 SSL is at a tipping point A-
  5. 5. © 2015 Imperva, Inc. All rights reserved. 2016 Cyber Security Trend #1: IoT / BoT - Botnet of Things 1 5
  6. 6. © 2015 Imperva, Inc. All rights reserved. BoT - Botnet of Things 6
  7. 7. © 2015 Imperva, Inc. All rights reserved. Hacking the Fridge 7
  8. 8. © 2015 Imperva, Inc. All rights reserved. Asking the Right Question •  Can someone hack my toaster? 8
  9. 9. © 2015 Imperva, Inc. All rights reserved. Asking the Right Question •  Can someone hack my toaster? •  Can my network be attacked with a shoe? 9
  10. 10. The Internet of Things A dramatic increase in networked devices leads to more opportunities for ATTACK The Internet of Things
  11. 11. © 2015 Imperva, Inc. All rights reserved. BoT - Botnet of Things •  Connected IoT devices will never have “adequate” security –  Device take over –  Credential theft •  Botnets can grow larger undetected –  More opportunity – easier to form larger botnets –  More DDoS as a Service opportunity •  Possible increase in exposure from insiders –  BYOD on steroids –  Watch, wearables and others not as secure –  More compromised devices in the vicinity of enterprise networks 11
  12. 12. © 2015 Imperva, Inc. All rights reserved. Our Prediction •  More people talking about the wrong problems •  More “IoT” based botnets •  More incidents to link personal credentials with IoT breaches •  Highly sensitive companies starting to feel the pressure (not until the end of the year) 12
  13. 13. © 2015 Imperva, Inc. All rights reserved. 2016 Cyber Security Trend #2: Rise of Insider Threat 2 13
  14. 14. © 2015 Imperva, Inc. All rights reserved. Rise of Insider Threat 14 Globally 89% of respondents felt that their organization was now more at risk from an insider attack – Vormetric 2015 “55% of the Incidents from Internal Actors due to Privilege Abuse” -Verizon DBIR 2015
  15. 15. MaliciousCarelessCompromised
  16. 16. © 2015 Imperva, Inc. All rights reserved. Outside In •  Personal attack surface is growing –  Social, mobile, IoE –  We are extremely exposed and extremely vulnerable •  Engaged employees are a two way sword –  Mix work and personal life –  Most infections happen during office hours, 20% of infected machines attributed to enterprise networks •  End stations are increasingly vulnerable –  Tracking the number of patched vulnerabilities in end point components suggests a growing backlog with a constant fixing capacity 16
  17. 17. © 2015 Imperva, Inc. All rights reserved. Inside Out •  Shadow IT –  Unmanaged Database servers –  Partly commissioned SaaS applications •  More employees and more collaboration –  Barriers are taken down •  Shared data repositories with trusted partners •  Sensitive data is everywhere –  Cloud applications provide direct access without IT control –  Big data lakes –  1000s of “traditional” databases 17
  18. 18. © 2015 Imperva, Inc. All rights reserved. Our Predictions •  Decrease in detection rates –  Most solutions look for the tools and not the attack –  Attackers have all the infrastructure in place to evade ANY solution that takes the above approach •  Increase in absolute number of attacks of internal nature •  Large increase in total number and percentage of incidents of internal nature 18
  19. 19. © 2015 Imperva, Inc. All rights reserved. 2016 Cyber Security Trend #3: Data Security for the Big and Small 3 19
  20. 20. © 2015 Imperva, Inc. All rights reserved. Big Breaches = Big Price Tag •  Cost of data breach is higher than anticipated –  Target’s gross breach expenses totaled $252 million, insurance compensation brought that down to $162 million –  Home Depot expects $100 million in insurance payments toward $232 million in expenses from its 2014 breach –  Anthem breach expected to cost more than $100 millions 20
  21. 21. © 2015 Imperva, Inc. All rights reserved. Big Breaches Start Small •  Target breach started with a compromised HVAC company •  T-Mobile customer data breached through Experian •  JPMC customer data breached after an affiliate was breached •  Lockheed Martin breach through RSA 21
  22. 22. © 2015 Imperva, Inc. All rights reserved. Smaller Companies are Targets •  While sophisticated, targeted attacks do exists they are a negligible minority •  80% of infections stem from massive eMail campaigns •  Smaller organizations are infected and compromised as much as larger ones (or even more) •  Attackers are aware of 3rd party relationships between large targets and smaller service providers •  Transfer of liabilities may prove to be devastating for a smaller 3rd party 22
  23. 23. © 2015 Imperva, Inc. All rights reserved. Cyber Insurance is Not a Silver Bullet •  Big breaches leave some of the costs uncovered •  Insurance claims result in higher policy costs in the future –  “Health insurers who suffered hacks are facing the most extreme increases, with some premiums tripling at renewal time” - Bob Wice, a leader of Beazley Plc's cyber insurance practice •  Policy cost is detrimental for smaller business –  Insurers are not proficient yet in assessing the risks –  May consider making coverage conditional on a full and frequent assessment of policyholder vulnerabilities (PwC Research) –  Especially true for 3rd party liabilities 23
  24. 24. © 2015 Imperva, Inc. All rights reserved. Our Predictions •  Continuing on our previous prediction – smaller organizations are going to continue falling prey in larger numbers •  Expect more breaches to be attributed to 3rd party negligence •  Big enterprises to start paying attention to security posture of 3rd parties –  Set up standards / guidelines / requirements –  Transfer liability in the event of a breach •  Cyber insurance companies to attempt to set guidelines for data security –  Penetrate the smaller business market –  Must come up with a good actuary model based on standardized mitigation requirements 24
  25. 25. © 2015 Imperva, Inc. All rights reserved. 2016 Cyber Security Trend #4: SSL More of a Problem than a Solution? 4 25
  26. 26. © 2015 Imperva, Inc. All rights reserved. Subversion of Free SSL Certificates for Malware 26
  27. 27. © 2015 Imperva, Inc. All rights reserved. Subversion of Free SSL Certificates for Malware •  Easier to encrypt C&C communications •  Fast flux DNS can now be used in conjunction with SSL •  More certificates for more organizations = more opportunity for theft –  More opportunity for impersonation and code signing •  Free SSL certificates can significantly lower the cost of signed malware –  Combined with automation will help them remain undetected 27
  28. 28. © 2015 Imperva, Inc. All rights reserved. What (else) Could Possibly Go Wrong? •  eDellRoot •  Logjam •  Schannel TLS Triple Handshake Vulnerability - CVE-2015-6112 –  Add “Extended Master Secret” •  Bar Mitzvah attack –  RC4 under SSL is REALLY broken •  SSL Pinning –  Would invalidate NG Firewalls? 28
  29. 29. © 2015 Imperva, Inc. All rights reserved. A Note on HTTP/2 •  Major complex revision of HTTP protocol –  Keep semantics but replace everything under the hood •  Intended for use over TLS –  This part was not mandated by RFC but dictated by major browser vendors •  Inconsistency between SPDY and HTTP/2 in the use of TLS extensions •  New implementations that are not even based on the SPDY prototypes •  Across all major servers and browsers 29
  30. 30. © 2015 Imperva, Inc. All rights reserved. Our Predictions •  Continuous growth in SSL implementation and design vulnerability flow •  Increase in SSL usage and changes to CA infrastructure will benefit attackers –  More attacks go undetected over network (SSL certificates) –  More attacks go undetected inside end stations (code signing certificates) •  New HTTP/2 vulnerability flow –  We already have some in our lab •  It’s going to be much worst before it becomes better –  The foundation for secure traffic over the Internet must go through a drastic simplification process 30
  31. 31. © 2015 Imperva, Inc. All rights reserved. 2016 Cyber Security Trend #5: Ransomware/Blackmail – Flourishing Business 5 31
  32. 32. © 2015 Imperva, Inc. All rights reserved. Ransomware Business on Personal Devices 32
  33. 33. © 2015 Imperva, Inc. All rights reserved. Ransomware Business on Personal Devices 33 •  CryptoWall 4.0 – enhanced and harder to detect •  Once data is encrypted, unfortunately, not many options –  Standard modern encryption used in the proper way (i.e. cannot be broken) –  Reformat and restore from backup •  Authorities set the right atmosphere –  “To be honest, we often advise people just to pay the ransom.” – Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program –  The success of the ransomware ends up benefitting victims (same as above) –  Ransoms are low. And most ransomware scammers are good to their word (guess who…) •  Criminals are netting an estimated $150 million a year through these scams (FBI)
  34. 34. © 2015 Imperva, Inc. All rights reserved. Ransom/Blackmail on Enterprises 34
  35. 35. © 2015 Imperva, Inc. All rights reserved. DDoS as a Service 35
  36. 36. © 2015 Imperva, Inc. All rights reserved. DDoS as a Service •  Ransoms with threats of DDoS Attacks •  Based on low end DDoS as a Service Providers •  Simple execution –  Go online –  Purchase a monthly package –  Launch short attacks –  Send email –  Collect money 36
  37. 37. © 2015 Imperva, Inc. All rights reserved. Our Predictions •  Unless authorities step in this is going to grow •  May spill into the ICS / SCADA domain •  Some gangs may choose to go after bigger prey 37
  38. 38. © 2015 Imperva, Inc. All rights reserved. Summary 6 38
  39. 39. © 2015 Imperva, Inc. All rights reserved. Our 2016 Predictions •  IoT will start taking its toll on enterprises and individuals –  Botnet of things –  Credential theft through insecure devices •  Rise of insider threat –  Dramatic growth in successful attacks of insider nature –  Due to increased attack rate and lower detection rates •  Attackers go down the food chain –  Increased attacks on smaller companies –  Increased liability will drive data security needs 39
  40. 40. © 2015 Imperva, Inc. All rights reserved. Our 2016 Predictions (cont.) •  Continuous decay in security value of SSL –  Coupled with new opportunities for attackers to abuse growing use of SSL –  HTTP/2 vulnerability flow •  Ransom/Blackmail as a business model –  Fast growth business –  May affect larger organizations and other domains (ICS / SCADA) 40
  41. 41. © 2015 Imperva, Inc. All rights reserved. Recommendations •  Cyber space is not going to become more secure this year •  Enterprises must continue to invest in securing themselves, this goes down to the smaller enterprises as well •  Attackers are after data. This is where enterprises should invest their efforts of protection •  Once inside the organization attackers are not “attacking” but rather “abusing”. Look for solutions that detect abuse rather than attack •  Look for security as an overlay solution –  Databases cannot defend themselves –  Applications are not self defending –  Networks cannot be defended against DDoS from inside the network 41

×