Security Threats Lurking Within Real Lives
IGLOO Released a Prediction Report on Security Threats for 2016

- Rapid spread of threats targeting individual users, requiring enterprises, institutes and even individuals to countermeasure
- Attacks to come in 2016, further diversified in their routes, targets, scope and means
- Information security gaps remaining still, urging enterprises to effort for enhanced security

[Dec. 9th, 2015] IGLOO SECURITY, a leading provider of next-generation integrated security management technologies (CEO: Deukchoon Lee, www.igloosec.co.kr) issued “Predictions for Security Threats in 2016” on December 9th, a report that tackles key security threats anticipated in 2016. In this fourth edition of the report, which is strictly based on a prediction research done by the Security Research Unit, an internal expert group of IGLOO consisting of 20 security experts, key predicted that cyber security threats are investigated and discussed with options enterprises can choose to counteract against them with agility.

The security think tank summarized the analysis results; the routes, targets, scopes and means of security attacks are more and more sophisticated and diversified due to mainly the spread of connected smart devices and related services. In addition, contrary to the conventional focus on enterprise and organizations, attacks are now expanding to reach public users through diversified ways including distributed ransomware, cloud hacking and stealing medical records.

IGLOO’s Outlook for Security Treats in 2016

The followings are key security threats predicted by IGLOO:

1. Evolution of Mobile Security Threats
With the emergence of FinTech, financial transactions are rapidly increasing on mobile. This tendency allows us to anticipate security threats on mobile become issues as critical as the threats on PC, due to their evolution in sophistication and volume. Mobile threats already go beyond what have happened in PCs and makes the best use of malicious codes highly optimized to mobile devices while becoming even smarter to exploit the vulnerabilities of mobile devices.

 
Therefore, it is anticipated that, according to the report, the demand will increase for a countermeasure to tackle the new security threats that take advantage of the mobility, scalability and convenience of mobile devices, through integrating diverse security technologies including security monitoring services, financial transaction detection system (FDS), and financial transaction analysis.

2. Security Threats on the Cloud
Recently, major portal services and telecommunication service providers in Korea are scrambling in the local cloud service market, aided by the central government-led initiatives (e.g. Cloud Development Act) and supports; cloud users are expected to increase steadily. This also means that the security threats and risks increase on the cloud environment as well.

Therefore, to enjoy the advantages of cloud computing, it is inevitable to increase the security through implementing security solutions optimized to the cloud environment and enforcing security monitoring and management policies tailored to the cloud requirements.

3. IoT Security in Need of Integrated Security Monitoring System and Standardization
Security issues in internet of things are expected to become a global concern, as they are critical to privacy, confidential information of organizations and governments, and even to the lives of people. However, it is practically impossible for general enterprises and organizations to reflect security insights to every aspect of a product or service planning and design practices, manage and control IoT devices in a sustained manner, and gain a full visibility of all networks to which their devices are connected.

Therefore, prior to the IoT market establishment and the expansion of relevant services, it is inevitable to achieve a social consensus through discussions on how the security on IoT can be implemented, monitored, centralized and standardized.

It is also required to draw specific countermeasures, for example, developing security modules complying with the ‘7 IoT Principles’ announced by the Ministry of Science, ICT and Future Planning of Korea and the Korea Internet & Security Agency, on an international standard and open platform such as onM2M or MOBIUS.

4. Data Thefts and Threats by Frenemies to Further Increase
With the expansion of the mobile work environment and increase in cloud service subscribers, the security threats by insiders or frenemies, a portmanteau of friend and enemy, are expected to remain as a critical security concern for enterprises and organizations in 2016. In enterprise environments, confidential data is still communicated through unauthorized channels, and intended insiders can steal customer information and confidential documents as well.

Regarding this circumstances, enterprises are expected to be more active in preventing their confidential data from being disclosed. It is also required for enterprises to switch their information security management focus from intrusion detection and defense of internal assets from external attacks (even some still relying on regular security education for internal users, code of conduct for reinforcing data confidentiality, none-disclosure agreement practices with partners, etc.), to gaining a visibility of all internal data flow and detecting suspicious or abnormal activities.

5. Increased Attacks on Medical Data, Requiring Vigilance on Medical Records Protection
Medical records are the most sensitive PII as they are valuable to cybercrimes, so it is needed to heighten vigilance against the leakage of medical records. Medical records contain many sensitive data such as name, gender, medical history, financial information and the like, which may allow criminals to utilize those PII more easily. Worse, it is practically impossible for the owner of the records to control remotely access to data once said data is stolen or leaked.

Wearable smart devices are emerging, and therefore the risk of medical record leaks is also anticipated to increase. Security investments to prevent and countermeasure these leaks also have to be made as soon as possible.

6. APT Targeting Korea on Increase
Korea has been suffering the disgrace of being a testbed or a pass-through for hackers, but is also becoming a target of APT (Advanced Persistent Threat). In Korea, an institutional basis still needs to be complemented to boost the information security awareness compared to advanced countries. Namely, the legal basis is insufficient to cover cybercrimes and the investment on security is kept lower than other investment areas in ICT. Also, the high-speed internet infrastructure can spread attacks instantly. These make Korea more prone to cyberattacks.  Last April, a ransomware written in Korean was distributed across the nation through a famous website, which implies that global hackers have an increased understanding about the local users and applications.

To effectively cope with these cyber threats, a nationwide awareness on information security needs to be improved while the investment should be increased on information security.

7. Conventional Threats Still Prevail, So Does the Gap in Security Levels
In conjunction with novel-type attacks and still existing conventional attacks including DDoS, web shell and SQL injection, enterprises are required to establish effective countermeasures in 2016 as well. According to an IGLOO’s research that investigated security accidents occurred in 2015, security accidents corresponding to conventional threats accounted for 70% of total accidents, indicating that they are still prevailing. Typically, enterprises and organizations with lower levels of security are prone to attacks while well-known vulnerabilities, passwords, administrator credentials and server settings are easily leveraged and manipulated by attackers.

Therefore, it is required to enforce a data-centric security policy that goes beyond conventional perimeter-based security while remaining compliant with the security guidelines, in order for enterprises and organizations to cope with these novel threats as well as conventional ones.

Ilok Jeong, director of Security Research Unit of IGLOO SECURITY, underlined “We are seeing that the security threats are further amplified in 2016. What claims our attention is not only that the route, target, scope and means of attacks are further diversified and sophisticated; but also that the threats are now living with us.” He also added “The Security Research Unit of IGLOO has professional and hand-on knowledge and expertise in cybercrimes. We would help enterprises, organizations and even individuals cope with these security threats by sharing its intelligence on said threats and the findings from in-house research works.”

The Security Research Unit of IGLOO SECURITY aims to help enterprises improve their security and realize a sound security infrastructure for the entire society by applying professional experiences and expertise it has accumulated in the field of cyber security. To this day, the unit analyzes threat-related data collected globally from many enterprises and organizations in real time, and share the intelligence and security insights derived from the analysis.
​