Top 2014 trends in security focused primarily on what is still the greatest threat to organizations — malware — and attackers’ efforts to stay one step ahead of even the most advanced prevention and detection techniques. Another increasingly common theme this year was defense evasion.

Attackers are increasingly able to quickly develop new malware variants to defeat existing countermeasures by cashing in on source code leaks that can make it far easier to exploit vulnerabilities in affected applications. This had already been seen, with the source code breach at Adobe Systems touted as the worst such heist in history.

Top 2014 Trends

Other malware trends for 2014 included an increased use of old-school techniques that require attackers to develop more manual and time-consuming approaches as they attempt to bypass advanced detection and mitigation solutions.

Staying on the malware theme, another one of the top 2014 trends was malware researcher evasion, with attackers using a range of techniques to avoid detection by malware researchers. This way, the researchers cannot develop countermeasures for new vulnerabilities being exploited.

Other predictions for 2014 included the growing importance of the mobile channel for attackers. While one-time passwords delivered over SMS are increasingly being used as an authentication method for mobile users, SMS-forwarding malware is now being widely used, as well, making such an authentication method all but useless. Attackers were also looking to take over victims’ devices using remote access technologies in order to bypass security controls such as device fingerprinting. This makes subsequent transactions appear legitimate.

What’s in Store for 2015?

According to Etay Maor, a senior fraud prevention strategist at IBM Trusteer, while most of the predictions made for 2014 were nearly spot-on, they were not exactly daring.

On Jan. 14, Maor will present IBM’s vision for 2015 trends in a webinar titled “2015 Cybercrime Trends — Things Are Going to Get Interesting.” First, he will look at the major security stories from 2014, how they are in line with IBM’s predictions and how they demonstrate attackers’ increasing ingenuity. He will then take a look at what the events seen in 2014 portend and what will likely be seen in 2015.

According to Maor, given today’s complex and sophisticated threat landscape — with multiple external forces affecting crime and fraud — security teams and chief information security officers can no longer limit themselves to looking only at what is happening within their own backyards. While new, specific attack methods, techniques and protocols will be used against PC and mobile platforms, security practitioners need to open up and think more strategically. They shouldn’t just limit themselves to focusing on how specific tools such as firewalls and intrusion prevention systems are tuned to filter threats.

Rather, security teams need to better understand threats by taking into account the context of attacks and how new technology developments will affect security. Among the predictions he will make is how geopolitical forces will play an increasingly important role in attackers’ motivations and force security practitioners to think much more strategically about how attacks are perpetrated. Newer technology delivery mechanisms, including mobile platforms, the Internet of Things and mobile payment mechanisms, will continue to rise in importance throughout 2015 as well. They will require organizations to ensure their security controls reach out to the extended enterprise. Endpoints are the new perimeter, and efforts must be focused here.

Finally, Maor will discuss how criminals are increasingly operating behind a veil of anonymity. Recent revelations regarding the extent of government surveillance of electronic communications and law enforcement crawling anonymous networks will cause criminals to look for more ways to be covert. This is an extension of the 2014 trends pointing toward the use of more advanced techniques to evade detection.

Last year saw some major security breaches that drove home just how damaging security incidents can be. In 2015, there will not only be more online fraud and malware, but it will be more complex, more sophisticated and ever stealthier. Organizations need to think more strategically about their security defenses.
