Kim Zetter did her homework for WIRED magazine: she extrapolated from the current threats and looked at how they would unfold in the coming 12 months. She has cast a wider net than normal, now that nation-states are up to their elbows in cyber warfare. I will give a short excerpt of each of the six biggest threats, and I recommend you read the whole article at WIRED. Link at the end.
The NSA and the UK’s GCHQ hacked Belgium’s state-owned telecom Belgacom. New revelations about the Regin malware used in the hack, however, show how the attackers also sought to hijack entire telecom networks outside of Belgium. These and other efforts the NSA has employed to undermine encryption and install backdoors in systems remain the biggest security threat we face in general.
Controversy still swirls around the Sony hack and the motivation for that breach, but hacker shakedowns are likely to occur again. The Sony hack wasn’t the first hacker extortion we’ve seen, but most of them until now have occurred on a small scale—using ransomware. The Sony hack is the first high-profile extortion breach that involved threats of data leaks and could become a bigger problem for prominent targets like Sony.
The Sony hack announced another kind of threat we haven’t seen much in the U.S.: the data destruction threat. This could become more common in 2015. The attackers behind the breach of Sony Pictures Entertainment didn’t just steal data from the company; they also deleted it. It’s a tactic that had been used before in attacks against computers in South Korea, Saudi Arabia and Iran.
Bank Card Breaches Will Continue
In the last decade there have been numerous high-profile breaches involving the theft of data from millions of bank cards. Card issuers and retailers are slowly moving to adopt more secure EMV or chip-‘n’-PIN cards and readers, which use an embedded microchip that generates a one-time transaction code on in-store purchases and a customer-entered PIN that makes stolen data less useful. With the shift to EMV cards, hackers will simply shift their focus.
In recent years we’ve seen a disturbing trend in so-called third-party hacks, breaches that focus on one company or service solely for the purpose of obtaining data or access to a more important target. We saw this in the Target breach when hackers got into the retailer’s network through a heating and air-conditioning company that did business with Target and had access to its network. But this is low-level compared with more serious third-party breaches against certificate authorities and others that provide essential services. These kinds of breaches are significant because they undermine the basic trust that users have in the Internet’s infrastructure.
One sign that hackers are looking at industrial control systems in the U.S. is a breach that occurred in 2012 against Telvent, a maker of smart-grid control software used in portions of the U.S. electrical grid as well as in some oil and gas pipeline and water systems.
The hackers gained access to project files for the company’s SCADA system. Vendors like Telvent use project files to program the industrial control systems of customers and have full rights to modify anything in a customer’s system through these files. Hackers can use project files to infect customers or use the access that companies like Telvent have to customer networks to study the customer’s operations for vulnerabilities. Just like hackers used third-party systems to gain access to Target, it’s only a matter of time before they use companies like Telvent to gain access to critical industrial controls—if they haven’t already.
Here is the full (warmly recommended) article: