Rogue intelligence officers to emerge as new cyber threat category, global IT company predicts

Rogue intelligence officers will use government-owned spy capabilities for their own purposes and will emerge as a separate threat category in 2016, predicts Unisys Corporation, a global information technology company.

In a press release on Tuesday, Unisys suggested that rogue intelligence officers, machine-controlled physical attacks and the rise of quantum computing will demand new approaches such as micro-segmentation and quantum encryption.

“Many of the state-sponsored attacks that have been attributed to governments around the world are actually executed by state employees motivated by their own ideological issues without government authorization,” Unisys noted. “In 2016, Unisys predicts that rogue intelligence officers will emerge as a separate threat category that business and government organizations will need to monitor and control in a different way than they would for a state-sponsored attack.”

Following a year of damaging security incidents at organizations ranging from the U.S. Office of Personnel Management to the Ashley Madison website, security experts at Unisys said that “security professionals around the world will adopt a new mindset in 2016, embracing advanced approaches such as micro-segmentation to counter increasingly sophisticated attacks by cyber criminals.”

“Corporate and government leaders understand that as their enterprises have grown beyond their four walls and threats have moved from concept to reality, their whole approach to security must change now,” said Tom Patterson, vice president of global security, Unisys, in the release. “In 2016, corporate leaders will take the actions needed to protect themselves in this new reality.”

Related: US personnel chief Katherine Archuleta resigns after more than 21 million affected by hack

For example, Patterson predicted the rise of a new security approach that embraces micro-segmentation, which allows enterprises to easily and economically divide their physical networks into hundreds or thousands of logical micro networks, or microsegments. Such an approach understands that adversaries will ultimately infiltrate an organization, but limits the damage they can do once they’re in, making the difference between a routine cyber incident and a business catastrophe.

Up until now, the worst thing that could happen to a machine under cyberattack would be “the blue screen of death,” the release said. Now, attackers can control machines, meaning that they could “crash your car, stop someone’s heart, black-out your city, or destroy public infrastructure. Unisys predicts that enterprises will see the real world results of this in 2016 as digital and physical worlds collide.”

Today’s cyber criminals looking to circumvent encrypted communications are limited by the inability of modern computers to calculate a long encryption key, the release added. But with the impending advent of quantum computers, able to break down encryption in seconds, enterprises will need more advanced encryption approaches to thwart criminals.

In 2016, Unisys predicts a significant increase in enterprise funding and R&D investments in developing quantum encryption as a means to counteract the advent of quantum computers.

“Although many threats loom in 2016, security professionals also have an arsenal of new countermeasures like micro-segmentation,” Patterson concluded. “This will be the year we start changing the playing field and shifting the advantage back to the good guys.”