McAfee Labs 2016 Threats Predictions

Read Report

In the McAfee Labs 2016 Threats Predictions report, we developed two distinct views of the future.

For the first section of the report, we interviewed 21 key people within McAfee Labs, office of the CTO, Foundstone Professional Services, and advanced threat research teams. They were asked to look over the horizon and predict how the types of threat actors will change, how attackers’ behaviors and targets will evolve, and how the industry will respond between now and 2020. They shared unique insights into the expected threat landscape and the security industry’s likely response.

The second section drills down and makes specific predictions about expected threat activity in 2016. Predictions for next year run the gamut from ransomware to attacks on automobiles, and from critical infrastructure attacks to the warehousing and sale of stolen data. Among other things, we:

  • Discuss a subtle yet equally impactful form of attack—integrity attacks—that will become more prominent in 2016.
  • Explain why better security in the enterprise will lead to more attacks on employees as they work from home.
  • Describe changes in the way we pay for things, and the implications.
  • Outline why wearables, integrated with smartphones, are an attractive attack vector.
  • Highlight positive changes in the sharing of threat intelligence within the private sector and between the private sector and governments.

The report illustrates an ever-evolving threat landscape, where applications and prominent operating systems are hardened to attacks, but attackers shift their crosshairs to less prominent but critical attack surfaces, innovative attack styles, and new device types. Researchers depict enterprises building out their complex security defenses and comprehensive policies, while attackers target the weak security of employees working remotely. Nation-state actors continue to drive development of the most sophisticated attacks through firmware, espionage malware, and detection evasion.

The cybercrime-as-a-service ecosystem discovers, mutates and sells these advanced capabilities and support infrastructure down to the least sophisticated malicious actors in cyberspace in the burgeoning dark web. And, while courts and legislatures continue to move slowly to protect individuals and organizations, there are the positive prospects of threat intelligence collaboration that provides organizations real advantages versus their adversaries.

The collective perspective view reveals short- and long-term implications for organizations and an IT security industry working to keep pace with business opportunities and technology challenges, while fighting off threats attackers launch to take advantage of them.


More connections, more threats. A glance at the growing attack landscape.

  • 780 million: The number of wearable devices by 2019
  • 24.4 billion: The amount of IP connected devices by 2019.
  • 200 million: The number of connected cars on the road by 2020.