Do you ever wish you had a crystal ball?
You know, the kind you wave your hands over in some mysterious way to see the future? Yeah, that would be kind of nice wouldn’t it? You sure could make a lot of money if you had an inkling of who’d win the Superbowl in a few months. Or better yet, if we could divine the future of cyber security in 2016, maybe we could fix missteps and mistakes before they even happen!(…Okay, we are now encroaching on time-travel territory which as any good sci-fi fan knows, has tons of rules and regulations, so let’s just not go there, okay?)
Alas, without crystal balls at our disposal, we have to use our good ‘ol brains to intuit what the (very near) future of cyber security will bring and what better time to do that than December? So without further ado, we bring your the first three of our top six predictions for the hottest security topics in 2016.
1 – IoT
This one probably isn’t too shocking. We all know that IoT, or the internet of things, is here already and it will only become more pervasive as time goes on. We have seen the proliferation of IoT devices that all claim will make life so much more bearable. Thanks to the never ending stream of networked devices, rather than walking to your coffee maker and pushing some buttons (Oh the strain! Oh the effort!), you can just flop down on your couch, meld right into that indent you have been working diligently at creating, and use your smartphone to read the latest reddit and set your coffee all at the same time! Oh isn’t technology wondrous!?
So yes, IoT is cool and futuristic (yet somehow we still don’t have viable hoverboards. What’s the deal?!) but all that internet connected tech comes at a steep price. In 2015 the FBI noted that having more internet connected devices “also increases the target space for malicious cyber actors.” In other words, the more IoT things we have, the more things there are to be hacked.
Network-connected gadget manufacturers design their products taking lots of factors into consideration such as market demand and specs, but typically, security isn’t one of those considerations. 2015 brought us countless examples of hacked devices including baby monitors, hospital pumps, security cameras, Jeeps, rifles, fridges.. you get the point. The internet of things makes the potential attack surface for bad actors simply huge. And when these devices get hacked the implications can be huge as well. Look for manufacturers to begin to understand that security is just as important, if not more, than functionality and closer collaboration between security departments and product designers.
2 – Encryption
Encryption was already poised to be an important talking-point in the 2016 elections when the November terror attack rocked Paris. Now the issue of encryption has soared to the front pages of newspapers world wide. But just what is the issue? Encryption is the conversion of plain text (such as is used in this article) into ciphertext, or a scrambled, mish mash of data that is impossible to understand without the use of a secret key or code to decipher that data.
The CIA and FBI have long been opponents of end-to-end encryption. They say that fully encrypted communications put civilians at risk. It’s true that this is how people with bad intentions can communicate without ever being detected, such as the ISIS terrorists in Paris. Feds say they need “backdoors” or holes, with which they can access stored data to be present on devices and within technology, for everyone’s own good and that full encryption prevents them from being able to intercept messages from one bad guy to the next.
On the other side of the debate are companies like Apple who say that encryption should be the the bottom line in secure communications. Tech companies are looking to create the most
hack-proof devices they can, allowing businesses and individuals to communicate and transact without the fear of being breached. There is no question that this is most effectively achieved using encryption. In a statement from Dean Garfield, the CEO of Information Technology Industry Council he said “weakening encryption or creating backdoors to encrypted devices and data for use by the good guys would actually create vulnerabilities to be exploited by the bad guys, which would almost certainly cause serious physical and financial harm across our society and our economy. Weakening security with the aim of advancing security simply does not make sense.”
On the presidential campaign scene, the candidates are divided on the issue, although not according to the typical party divisions. Rand Paul and Bernie Sanders, though they might not agree on much, are both pro-encryption. Most of the other candidates have come out against end-to-end encryption, and Hillary Clinton seems to be undecided for now. One thing is for sure, this is going to be one of the hottest topics on the campaign trail in 2016.
3 – EMV Chip Cards
Have you received a new credit card from your bank lately? Chances are if you haven’t, you will soon and it will be decked out with a teeny tiny microchip in it. This past October was the deadline for businesses to adopt new liability regulations dealing with credit card fraud. The technology, named for the three companies who developed the chip, Eurocard, MasterCard and Visa, embeds a chip into credit cards in place of the magnetic strip making fraud much more difficult. New card will have both the mag strip and the EMV chip for the next few years. Mag strip readers (credit card processing machines for the magnetic stip cards) will not be discontinued until 80-90 percent of transactions are done with the new Chip cards.
But why the change?
Magnetic stripe credit cards can be skimmed for information easily. They contain a set of unchanging information, which makes it pretty simple for cyber criminals to grab your information every time you swipe your card. The new EMV chips create an individual transaction code for each purchase, making duplication nearly impossible. Those mag stripes, by the way, played key role in the catastrophic hacks of Target, Home Depot and TJX. According to wired.com, with the rise of EMV technology “the golden age of credit card fraud is drawing to a close, and history will regard Home Depot, TJX, Target, and all other breaches as a single massive exploit against one catastrophic security hole: The banks’ use of roughly 23 characters of magnetically encoded data as the sole authentication mechanism for a consumer payment infrastructure that generated 26.2 billion transactions in 2012 alone.” Woah, that’s heavy.
So this sounds amazing! Safer, more secure transactions! No more breaches, no more credit card fraud! Well, it doesn’t come without drawbacks as retailers and consumers alike will struggle to understand how to use the new cards so it will take a bit of sorting out. And knowing criminals, they will find new, more elaborate ways to hack our cards and steal our money but at the very least, it’s a step in the right direction for 2016.
As Sublime said back in 1998, “I ‘aint got no crystal ball”. We don’t know what the future will bring but we do know that we will give you more of our predictions for the top cyber security trends to watch out for in 2016 next week, so stay tuned.
Do you agree with our list of hot cyber security topics for 2016 so far? Have any trends to add? Tell us!