SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Cyber crime rife: The whole approach to security must change
Wed, 16th Dec 2015
FYI, this story is more than a year old

Entirely new classes of cyber threats will emerge in the new year and require fresh counter measures, according to the latest predictions by Unisys.

Already, security professionals are adopting a new mindset after a year of sophisticated and successful attacks at a number of organisations, including the US Office of Personnel Management and the Ashley Madison website.

Unisys says in 2016 professionals will embrace advanced approaches, such as micro-segmentation, to counter increasingly pervasive attacks by cyber criminals.

“Corporate and government leaders understand that as their enterprises have grown beyond their four walls and threats have moved from concept to reality, their whole approach to security must change now,” says Tom Patterson, Unisys vice president of global security.

“In 2016, corporate leaders will take the actions needed to protect themselves in this new reality,” he says.

Consequently, Patterson predicted the rise of a new security approach that embraces micro-segmentation, which allows enterprises to economically divide their physical networks into hundreds or thousands of logical micro-networks, or microsegments.

Such an approach understands that adversaries will ultimately infiltrate an organisation, but limits the damage they can do once they're in. This makes the difference between a routine cyber incident and a business catastrophe, Patterson says.

Patterson predicts additional new developments in 2016, including new security threats from rogue intelligence officers, cyberattacks that result in physical destruction, and the rise of quantum computing threatening encryption-based defences.

Rogue intelligence officers will use government-owned spy capabilities for their own purposes.

Many of the state-sponsored attacks that have been attributed to governments around the world are actually executed by state employees motivated by their own ideological issues without government authorisation, Patterson says.

In 2016, Unisys predicts that rogue intelligence officers will emerge as a separate threat category that business and government organisations will need to monitor and control in a different way than they would for a state-sponsored attack.

Cyberattacks meet the physical world - with potentially fatal results.

Up until now, the worst thing that could happen to a machine under cyberattack would be ‘the blue screen of death'.

Now, attackers can control machines, which means they can crash a car, stop someone's heart, black-out a city, or destroy public infrastructure, Unisys says.

With many of these devices built on old open systems, integration of modern security is critical to our lives and livelihood, according to the company.

Unisys predicts that enterprises will see the real world results of this in 2016 as digital and physical worlds collide.

Expect a massive ramp-up in the arms race around quantum encryption.

Today's cyber criminals looking to circumvent encrypted communications are limited by the inability of modern computers to calculate a long encryption key.

But with the impending advent of quantum computers, able to break down encryption in seconds, enterprises will need more advanced encryption approaches to thwart criminals, according to Unisys.

In 2016, Unisys predicts a significant increase in enterprise funding and R-D investments in developing quantum encryption as a means to counteract the advent of quantum computers.

“Although many threats loom in 2016, security professionals also have an arsenal of new countermeasures like micro-segmentation.

“This will be the year we start changing the playing field and shifting the advantage back to the good guys,” Patterson says.