Kaspersky: APTs will ‘cease to exist’ in 2016
High-profile advanced persistent threats, such as the Stuxnet cyber weapon which crippled Iran’s nuclear program and the Duqu 2.0 surveillance platform, will “cease to exist” as we currently know them next year, according to predictions by computer security company Kaspersky Labs.
Instead, in an effort to maximize return on investment, Kaspersky said, nation-state hackers will move away from labor-intensive, customized programs in favor of off-the-shelf malware and opt for a blitzkrieg style flurry of attacks rather than subtle long-term strategies. The “threat,” in other words, will remain just as real, but the concepts of “advanced” and “persistent” will wane.
“2016 will see significant evolution in cyber espionage tradecraft, as sophisticated threat actors minimize investment by repurposing commercially available malware and become more adept at hiding their advanced tools, infrastructure, and identities by ditching persistence altogether,” Juan Andrés Guerrero-Saade, senior security expert of the Global Research and Analysis Team at Kaspersky, said in a statement.
Hacking trends such as ransomware attacks, in which attackers steal the contents of a target’s hard drive and hold them for cash ransom, have made hacking into a lucrative pursuit, and according to Kaspersky’s report, the emphasis now is less on proving advanced skills and more on maximizing profits. This same modus operandi applies to other operators as well, including hacktivists and even nation state actors whose interests lie in information over money.
“As the urge to demonstrate superior cyber skills wears off, return on investment will rule much of the nation-state attacker’s decision-making,” Kaspersky noted in the report. “Nothing beats low initial investment for maximizing ROI.”
Kaspersky predicts targeted attacks on Internet of Things devices, such as smart televisions or even coffee makers. By singling out technology often affiliated with a wealthier demographic, “mercenary” hackers will increase the likelihood of scoring a higher payout. Alternative payment apps like ApplePay and Android Pay will also be increasingly at risk.
With the stakes steadily rising, Guerrero-Saade noted that a large swell in the number of active hackers is also expected.
“The profitability of cyberattacks is indisputable and more people want a share of the spoils,” he said. “As mercenaries enter the game, an elaborate outsourcing industry has risen to meet the demands for new malware and even entire operations. The latter gives rise to a new scheme of Access-as-a-Service, offering up access to already hacked targets to the highest bidder.”
This influx could coincide with an anticipated rise in “DOXing,” public shaming and extortion attacks, similar this year’s Ashley Madison scandal. Hacktivists are expected to execute more strategic dumping of private pictures, customer lists and personal identity information.
To counter the new wave of threats, Guerrero-Saade counseled cooperation and information sharing.
“We believe that sharing insights and predictions with our colleagues across the industry as well as with government, law enforcement, and private-sector organizations will promote the necessary collaboration to proactively face oncoming challenges head-on.”