As the technology is moving forward with an ease, the major issue of security is also getting intense day by day. Here are some of the major things which we had already seen till this 2015, which created a big issues that cannot be ignored at all.

1. Possible Cyber Security Threats of 2016:
Computing is becoming one of the important aspect of life these days. It's used in all area of life, from
personal pleasure to serious business dealings and contracts. It has opened the gates to so many
opportunitieswhichwere hardto imagine inthose early days. As the technologyiscomingforward that
much the development is happening to make life easier. Almost all the objects are smarter nowadays.
Name it and you will find it, mostly all the modern devices are enabledwith internet connectivity,from
smart phone, smart television to smart car. Many enhancement has been done which makes it very
differenttointeract,whetherit'ssight,soundor touch, everywhere technologyisinvolved inone or the
other way. No doubt, it’s creating a real meaningful connection with everyone like suppliers, partners,
customers or government.
As the technologyismovingforward withan ease,the major issue of securityis alsogettingintense day
by day. Here are some of the major thingswhichwe had alreadyseentill this 2015, whichcreateda big
issues that cannot be ignored at all.
Cyberattacks:
The growthof smart devicesisgoingto be more in comingyears,so as the usersof these smartdevices.
The major concern is that though it comes with security featuresbut still threatsare happening, so the
growth of cyberattacks is there.

2. Hard to Detect Attacks:
We had alreadyseenlotof hardto detectattacksandone of themwhichisstill the biggestisMalware.In
thispast 2015, we alsosaw some newtypesof attackswhichwere evenhardertodetectforexample file
less attacks, exploits on remote shell, theft of personal credentials and many more.
New type of Devices:
In the past year Internet of Things (IoT) has made the tremendous growth. Nowadays, so many new
deviceshave become the partof ourlife. We have alreadyseenseveralsmartdeviceswhichare usefulfor
home security, high-tech smartphones or tablets which even gave growth to wearable devices such as
smart watch.
Absolutely, more companies will come forward to launch these type of new devices, but as these
companies compete which each other in providing devices as early as possible, they fail to provide the
security which makes it a big concern to look at.
Apart fromthis,these newdevicesare now acceptedwithinthe organizationaswell,so the possibilityof
carrying the confidential information which should not be leaked is there. It will be hard to accept but
these gadgets like smart watch don’t even provide the basic security, which makes all the confidential
data vulnerableforattacks whichare fedintothese devices.Anotherimportantconcerntotake care of is
that these attacks whichare done on organizationcan create a big havoc for the company as well as for
their related clients also.

3. By looking at the above image you can clearly see that how many devices are available in the market.
Whether its tablets, wearable devices, loT devices and still more to see in coming years.
Growth in Cybercrime:
Aslongas these technologybased devicesare available,criminalswill alwaysbe there todoharm.So,it’s
obvious thatcybercrime isgoingto make its stayfor longtimesto come.As businessistomake profitso
as these cybercriminals,theylookoutformonetary gainsinoneorthe otherwayaseasyaspossible. One
of the reasoncan be of the growthincloudcomputingwhichcancreate lotof vulnerabilitiesandpossible
threats as mostly cybercriminals go for the data.
Apart from that, cloud computing can also become one of the biggest platform for cybercriminals, as it
providesthe abilitytostore huge amountof dataandit’snotevenpossibletoshutdownthe whole cloud
computing services.
By looking at the image below you can know that there are about 70% of people who thinks that
cybersecurityisthe growingconcernfortheirorganizationwhereasabout48% thinksitcanbe dangerous
that can lead to loss of life as well.

4. Is Organization Prepared?

5. It's not new that every country has faced cyber-attacks. Even though if we try to find out how many
country are prepared for the cyber-attacks if any happen in future, the answer will shock you. Though
mostcountriesthinksliketheyare preparedif anyof the cyber-attackhappens,whichisquite goodnews
but still efforts to make it better should be there.
Cybersecurity Policies of the Organization:
Preparation comes into action when the organization have the proper plans for that. By looking at the
above graph it can be said that only52% of the organizationhave a plan for cyber-attacksand only37%
of the company have adopted the industrial security standards. By this survey you can say there are
chances of devices getting compromised.
Budget of Organization:
Several organizations of different countries still say that their budget for cybersecurity is same, or they
are not sure and very few countries are there which has definitely increased their budget for
cybersecurity. Due tolackof thisstepit makesthe possibility forsome of the seriousattacks tocountries
which are not having up to the mark security measures, as most of the cyberattack techniques are hard
to detect by those old methods.

6. Based on all these, here I would like to share some possible cyber security related threats which can
happen in this year of 2016.
Attacks Related to Hardware:
In past year we saw some of the hardware relatedattacks like malware were able toreprogramthe disk
on sucha level whichmakesitmandatorytoreinstall the operatingsystemorreformatthe harddrives. It
is one of the example whichshowshowstrong the knowledge of attackersare and how aggressive they
have become, and this trend will definitely be seen in 2016 with some other major possible attacks.
Ransomware - One of the Growing Attack:
Ransomware hasgrownrapidlyfrom2014 onwards,we saw manyattacks of it inthe past year 2015 and
it’spredictable thatitwillbe continuedin2016 as well.Recentlyin2015,Ransomware wassoldasone of
the service through Tor network whichanyone can get it with the help of virtual currencies like Bitcoin.
We evensawsome of the differenttypesof Ransomware like CryptoWall3,CyptoLockerandCTB-Locker,
its sure to say that 2016 will bring some other threats of Ransomware as well.
The main motive of Ransomware is to get income by the help of spam campaigns, and the wealthy
countries are the main targets. Till now Microsoft Office, Adobe PDF files or Graphic files has been the

7. target but in 2016 we can see that, other file extensions will also be used. Mac OSX is also one of the
popular OS, so it’s most likely that it will become the next Ransomware target.
COUNTRIES AFFECTED BY RANSOMWARE
In the above images we can clearly determine,how the growth of Ransomware has taken place in past
three years and which countries are mostly affected by ransomware.

8. Vulnerable Applications:
It wasandtoday'sdate alsovulnerabilityof applicationsandsoftware are one of the majorconcernwhich
haven'tbeensolvedcompletely. Oneof the example isof AdobeFlashwhichhappenedrecently,some of
the vulnerabilitieslike CVE-2015-0311& CVE-2015-0313 were foundin AdobeFlashplayer.So,it'spossible
these typesof attackswill make more hype inthisyearaswell. Aswe can see above, severalapplications
were foundvulnerable. These vulnerabilitiesare still notthat dangerous,butthe concernedissue isthat
inthiscomingyearitispossiblethatthe vulnerabilityinapplicationsof Internetof Things(IoT)canbecome
much threatening.
Change in Payment Methods:
Earlierwasthe time whenshoppingjustneededcash.Intoday'sdate thoughcashpaymentdoesexistbut
othermethodshave alsocame intoplay.Thereare several methodsavailableformakingpayments.Some
of them are like paying through Bitcoins, ApplePay, Debit Cards and Credit Cards.
Definitely, the change has made an advancement but with this the threat of security has also been
extended.Bythe growthof otherpayingmethods,the chancesof attackshasalsoincreased. Asmuchthe
technology is making an advancement that much the attackers are also improving their techniquesin
attacking the target people.
Several change has been seen in methods of attack, but still some of the basic informationremainsthe
same such as usernames, passwords and other credentials. So, they have also found several ways to
lookout for these information. Due to this, we can surely say that it will continue in this 2016 as well.

9. Vulnerability in Employees Personal Systems:
Throughseveral yearswe have seensome of the high profileattacksanddefinitelythisyearcouldalsobe
the same. Though inthe past year2015, we got some bad newsfor large corporate companies, agencies
relatedtogovernments andevendatingwebsitessuchasAshleyMadison. The pointtonote inthesetype
of attacksisthat,there wasnotanyvisiblechange onwebsites.The targetwasconfidentialdatalikecredit
card details,social securitynumbers,residential addressandotherimportantdetailswhichwere stolen.
Thoughthese recentattackshasmade the securitya majorconcernand evencompanieshasalsostarted
takingprecautions. Youcansee thatsome of the companiesare eveninvestingontrainingemployees for
taking proper precautions, but these won’t be able to stop attackers completely. Attackers will opt for
other ways to get their work done. Though company make a smart choice of upgrading their security
systems, but still there are chances as organization is not aware about the security level of employees
personal computersystemsorwhere theyare usingthem, sothere’sawhole lotof chance forthese type
of attacks in this year also.
Services of Cloud Computing:
From pastfewyearswe have seenthe growthof cloudcomputingservices.Fromsmall tobigcompanies,
most of them opt for cloud computing, as it offers data storage at minimum cost and accessibility to
connect anyone whenever you want.
The main concern is that, the data which is shared among these platforms and services are mostly
confidentialandanyleakcouldleadtobigproblems. Mostof the companiesuse cloudcomputingservices
for trading and other important things, which makes it quite reasonable why attackers would opt to do
theirnotoriousactoncloudservices. Apartfromthis,customersare alsohavingriskastheyare notaware
aboutwhatsecuritymeasuresare takenbythe companywhentheyare dealingwithsensitive data. Some
of the recentattacksof past yearare like databreach whichincludedexposingof informationlikeemails,
salarydetails,confidential informationof employeesandmuchmore. Majorityof the organizationsgofor
low-costor evenfree cloudserviceswhichmakesthe shareddata vulnerable assecuritydetailsof these
type of servicesare mostlynotrevealed. So,it’squite sure tosaythat chancesof attacks are still there in
this year as well.
Wearable Devices:
In previous year we saw the huge growthof IoT (Internet of Things).At the time of beginning of loT the
mainmotive wasto make the normal devices"smart,"byaddingthe computingandwirelesstechnology
intoit.Some of the exampleslikesmartTVsandthe connectedhome devicesgave lotof promise forthe
same. In the past we saw the huge growth of it through wearable devices for example smart watches,
fitness trackers and other devices as well. In today's market some of the popular brands includes Apple
Watch and to name some other like Fitbit and Pebble.

10. In coming time definitely there’s going to be a boost in sales for these types of devices. Though these
types of devices collect simple type of data, which are further stored on smartphones, tablets or
computersbut,the sad part is that for hackers it’snot that hard to break intothese devicesasit usesLE
(Low Energy) technology like Bluetooth for the process of data transfer applications, as Bluetooth
technology is one of the weak technology which should not be ignored.
The applications used for wearable devices does not come with solid security measures which literally
showsthat inthiscomingyearswe can see some of the major attacksthrough itlike oursmartphone get
completely hacked due to these type of devices.
Attacks on Automobiles:
Inpastyearwe sawhowmuchadvancementhasbeenmade andeventhe automobilesare alsoconnected
with the wireless technology. Though technology getting connected with automobiles is quite exciting,
but itshouldalsohave some properprotection methods whenitcomestosecurity,whichisnotquite up
to the mark as it has to be. Apart fromautomobiles,evenroads will alsogetconnectedwithtechnology
in the coming years.

11. As per the survey it has been said that there will be about 220 million cars on roads which will be
connected with internet and wireless technology, and from this about 12% of the cars will be internet
enabledinthis2016itself. More toadd,consumersare evenlookingforwardforthecarswhichgive access
to internet connectionthrough monitor installed in car, auto-detectionof traffic signals,alarm warning,
capable of night vision, access to social media and much more. As per the securityreport of Intel, it has
beenrevealedthatvehiclesshouldofferprivacyof data,encryptednetwork,monitoringof behavior which
is currently not available.
Recently one of the research has been done, where it has been showed that it is possible with certain
selected cars to be hacked through entertainment system and to send commands to its dashboards
functions andtotake controlovercertaincritical functionsof thecarlikesteering,brakesandtransmission
that also fromthe remotely locatedlaptop.So,it’snotnew that it will openthe doors forhackers which
can lead to some serious life threatening issues.
Easily Available Stolen Data:
The security tools and products such as firewalls,gateways and other end point products works well in
protecting the users from common possible attacks. So, attackers look for some other ways to do their
mischievousbehavior.Theymightlookforsomeothervulnerabilityinthe securitysystemorelsetheywill
even opt for some other options such as to purchase the stolen credentials from the dark web.

12. Purchasingthe credentialsgive easyaccesstothe companiesdata,asitlookscompletelylegitdue tovalid
user-namesandpasswords.Inthiswaytheywillbe abletobypassall thesecuritysystem. Ithasbeenseen
frompastfewyears thatlotof datawasstolen fromorganizations,government,healthcare agencies,and
these type of attacks are still happening. To overcome this problem the security system of behavioral
detectionisinprocesswhichwill be availableincomingfew years,buttill thatthese attackscan be seen
in this 2016 and some coming years as well, as some of the trusted cybercriminals will easilybe able to
purchase stolen data, compromised details from the big warehouse of the dark market.
Different Approach:
Technology is advancing constantly, so it’s nothing new that the improvement in online security is also
happeningpersistently.Nodoubt,the industryoranyorganizationwill alwayslookoutforthe bestwhen
it comes to securing their confidential data and other personal details.
One thingto note isthat as the technologyisimproving,thatmuch the plansand tactics of attackers are
improving.Attackers donotgowitholdtechniquesanymore,theyalsoconstantlykeeponimprovingtheir
skills and approach towards the attack they plan to do.

13. By looking at the past, anyone can say that these are some of the obvious attacks which happened and
there’s possibility of the same in present as well as near future, such as data breach, compromised
accounts, and many others. But the attackers are nowadays getting more skilled due to which they are
out to do some more dangerous attacks like changing the integrity of the system.
Attacks like makingchange in the integrityof the securitysystemismore dangerouscomparedto other
commonattacks whichhappens. Asby these type of attacks,attackers are able to make small change in
the security system, which can damage the system in a very serious manner. These type of attacks are
possible by someone who have the knowledge of the security system of organization, any employee or
any skilledcybercriminal.Mainmotive isnotto damage the system, butit’sto make some change inthe
current security system to gain profit without making it known to anyone.
Recently these type of attacks has happened which are the perfect example of integrity attacks. For
example,researchers showing the car can be hacked. The motive behind this was not to shut down the
car but to show,howsome of the functionscanbe manipulatedwhichcanbe quite dangerous.Infuture
there’s lot of possibility to target financial sectors as well.
Online Snooping:
Online snoopingorCyberEspionageisonetypeof attack,whereattackerstrytogetthe secretinformation
of the organization, without getting permission of the owner. It’s one type of attack which has been
noticed in past years. It's mostly done for getting the advantage from rival, individuals, groups or any
government agency by using some of the methods on internet.
Here in below are some of the attacks whichhappenedinpast years,whichshows how it has increased
fromtime totime.Lookingatthe belowdata,it’spossiblethatwe cansee inthisyearaswell asincoming
time.

14. Nowadays,attackersare alsogettingskilledwiththe techniquesandtheyare usingstrongermethodthen
before.Some of the attacksthatcouldpossiblytakeplace inthisorcomingyears are likethroughservices
of cloud computing like Dropbox, to take control over servers. Use of Tor network can rise, as it offer
undetectablesecretconnectionstoservers. Inlastfewyearswe saw thatthese typesof attacktookplace
by using some Microsoft documents. So, other file extensions such as .ppt, .doc or .xls, can be used in
future attacks.
Hacktivism – On its Rise:
Hacking isnot new,it has beendone throughmany years,and it’s still goingto continue inthisyear and
infuture as well. Hacktivismisakindof hackinginwhicha purpose issociallyorpoliticallymotivatedand
the people who do these are known as hacktivist. There had been several cyberattacks which includes
popular ones like attacks on websites of Canadian police, government institutions, and many more. It's
mostly possible that in 2016 as well, we can see these type of attacks.
Cyber Attacks towards Critical Infrastructure:
CI (Critical Infrastructure) is the term government use for describing infrastructures, assets or systems
whichare importantfor the economyand society. These critical infrastructure isveryimportantandany
destructionorattacks on it can create a bigimpact onsecurity,safety,national publichealthoranything
combined with these type of matters. The point to notice is that these critical infrastructure are quite
dependableoneachother.So,if one getaffectedbyany attack, other will alsosufferinone orthe other
way. The types of critical infrastructure are like public health service, emergency services, bankingand
finance sectors, transportation services, important services provided by government.

15. The cyber-attacks on Critical Infrastructure is not new, though the attacks don't happen frequentlylike
othercommonattacks butwhenithappens,itdoeslotof impact.Some of the famousexamplesincludes
like Stuxnet Malware which happened during 2010. By looking at these attacks, it is possible that 2016
might see some cyber-attacks on Critical Infrastructures.
These are some of the possible threatswhichcanhappenor may not happenandit’s evenpossible that
something could happen which is not listed here. I would like to know what your views are.