Here’s some good news. Prices of malicious wares in the cyber underground have drastically come down. The average price of credit card credentials has reduced to $1 from $3 in 2014, Facebook credentials to $100 from $200 and that of Gmail credentials to $100 from $217. This, experts say, is because of the tremendous increase in supply.
This happiness, however, is short lived. Cybercriminals will set their sights on bigger targets rather than on individuals, as this translates to bigger gains.
Trend Micro, the security solutions firm, says that the cyber criminals will move on to learn newer tricks in 2015. For one, they are going to try their hand on the emerging opportunity of Internet of Things and the gadgets being developed around it. The other major soft targets include vulnerabilities in open source solutions and growing number of mobile payment platforms.
“Attackers will find IoT devices viable attack targets because of the endless possibilities their use presents. We are bound to see greater adoption of smart devices like smart cameras and TVs in the next few years, along with attacks against their users,” Trend Micro said in its report on threat predictions for 2015.
The report, The Invisible Becomes Visible, said that since IoT devices remain too diverse and a ‘killer app’ has yet to emerge, bad guys will not be able to truly launch large-scale attacks against them. “Attackers are more likely to go after the data that resides in these devices. In 2015, we expect attackers to hack smart device makers’ databases to steal information for traditional cyber attacks,” it points out.
Attacks to go diverse
“In the next few years, we will see even more diverse attack origins and targets. Threat actors’ motivations will continue to vary. They will, however, continue to go after top-secret government data, financial information, intellectual property and industry blueprints,” it says.
Although majority of targeted attacks seen to date are initiated by spear-phishing emails or watering hole tactics, social media will increasingly be abused as infection vectors in the future, it said.
Individuals should regularly change passwords while organisations should constantly monitor their networks for all kinds of threats and exploitable vulnerabilities.