Attackers would target IoT, Cloud in 2016: Fortinet  


The Internet of Things (IoT) and cloud are likely to fall prey to new malicious tactics and strategies in 2016, said FortiGuard Labs, the threat research division of Fortinet.

“In 2016, though, we expect to see further development of exploits and malware that target trusted communication protocols between these devices,” Fortinet said in its annual predictions report.

FortiGuard researchers warned that hackers will take advantage of vulnerabilities in connected consumer devices to get a foothold within the corporate networks and hardware to which they connect.

It also pointed out that worms and viruses are likely to hit headless devices with small amounts of code that can propagate and persist.

Fortinet also predicted the emergence of increasingly sophisticated evasion techniques that will push the boundaries of detection and forensic investigation as hackers face increasing pressure from law enforcement.

The company said many organizations have turned to sandboxing to detect hidden or unknown malware by observing the behavior of suspicious files at runtime.

Two-faced malware, though, behaves normally while under inspection and then delivers a malicious payload once it has been passed by the sandbox. Fortinet warned that this can not only prove quite challenging to detect but can also interfere with threat intelligence mechanisms that rely on sandbox rating systems.

Arya MM


  • Ulf Mattsson

    I agree that “The Internet of Things (IoT) and cloud are likely to fall prey to new malicious tactics and strategies in 2016.”

    Attackers may steal your keys and data that are exposed to the cloud. Recent guidance from Gartner is recommending to “understand when data appears in clear text, where keys are made available and stored, and who has access to the keys,” and recommending to “apply encryption or tokenization.”

    It has been six years since Ristenpart demonstrated the viability of co-location and provided the first concrete evidence for sensitive information leakage on a commercial cloud. I find it concerning that researchers recently found similar data leakage at the prominent Amazon cloud, again. A 2015 research paper from Worcester Polytechnic Institute, MA, USA, presents “a full-fledged attack that exploits subtle leakages to recover RSA decryption keys,” and concluded that “the cross-VM leakage is present in public clouds and can become a practical attack vector for both co-location detection and data theft.”

    Amazon published “Introduction to AWS Security by Design” in October 2015 and recommends to “Encrypt your data or objects when they’re stored in the cloud, either by encrypting automatically on the cloud side, or on the client side before you upload it.”

    A recent Gartner report concluded that “Cloud Data Protection Gateways” provides a “High Benefit Rating” and “offer a way to secure sensitive enterprise data and files.”

    Ulf Mattsson, CTO Protegrity