#PANWchat Wrap-Up: The 2016 Threat Landscape

Last week we hosted the first ever Unit 42 Twitter chat with several of our Unit 42 experts, including Ryan Olson (@ireo), Jen Miller Osborn (@jadefh), Robert Falcone (@r0bf4lc), and Bryan Lee (@obiwanblee). The chat, “Sure Things and Long Shots, A Look at the 2016 Threat Landscape,” tackled questions from the biggest shifts in the threat landscape to the most effective measures to protect against those threats, and the best ways people can protect themselves in 2016.

The #PANWchat also served as the official launch of the new @Unit42_Intel Twitter handle, which moderated yesterday’s chat. Make sure to follow @Unit42_Intel for the latest from our Unit 42 team.

Take a look at some of the highlights from the chat below or catch up on the entire conversation through the #PANWchat hashtag. And be sure to check out our ongoing series of predictions for 2016!

How do you see threat landscape continuing to evolve in 2016?

A2 Ransomware is specializing. Grandma may pay $500 for lost photos, companies will pay more for lost IP, know your victim. #PANWchat

— Ryan Olson (@ireo) December 17, 2015

A2 You'll see more APT groups start putting the "A" in APT as the media coverage increases and people are more security aware #PANWchat

— Jen Miller Osborn (@jadefh) December 17, 2015

A2 Modular Trojans + obfuscation/packing = le sigh...increased LOE for analysis and decreased threat attribution #panwchat

— Robert Falc (@r0bf4lc) December 17, 2015

What have been the most effective measures to protect against those threats?

A3 Patching remains one of the most basic, yet best, ways to avoid a compromise #PANWchat

— Jen Miller Osborn (@jadefh) December 17, 2015

A3 Backup. Get Owned. Wipe. Repent. #panwchat

— Robert Falc (@r0bf4lc) December 17, 2015

A3 Implementation of simple policies such as restricting exe downloads macro docs can be highly effective #panwchat

— Bryan (@obiwanblee) December 17, 2015

A3 Ransomware is nature's way of asking "How's that backup program coming along?" https://t.co/usAT4ZLvRh #PANWchat

— Ryan Olson (@ireo) December 17, 2015

What is your most surprising “long shot” prediction for 2016? Why?

A5 Long Shot: US Presidential candidate is breached, internal docs exposed, campaign crumbles. It could happen. #PANWchat

— Ryan Olson (@ireo) December 17, 2015

A5 Long Shot: A major financial institution experiences a massively destructive attack like the Sony Pictures attack #panwchat

— Bryan (@obiwanblee) December 17, 2015

A5 Pretty dark, but someone dies from a IOT medical device being hacked #PANWchat

— Jen Miller Osborn (@jadefh) December 17, 2015

How can the average consumer protect themselves against the threats of 2016?

A8 Psst… don't open attachments or click links from unk emails. Install anti-JS apps to avoid drive-by exploitation #panwchat

— Robert Falc (@r0bf4lc) December 17, 2015

A8 Patch all the things! #panwchat pic.twitter.com/OkjCnUSnRu

— Bryan (@obiwanblee) December 17, 2015

A8 Your passwords are probably your biggest weakness. New Years Resolution: Get a password manager! #PANWchat

— Ryan Olson (@ireo) December 17, 2015

A8 Pay attention to the security, or lack of, anything touching the Internet. Be an informed consumer. Also, password managers #PANWchat

— Jen Miller Osborn (@jadefh) December 17, 2015

How will the practice of threat research evolve in 2016?

A9 I hope for more data sharing and fewer fluff blogs. Descriptions of tactics are great, but actionable data is king. #PANWchat

— Ryan Olson (@ireo) December 17, 2015

A9 Cross-vendor intel exposes prev unk overlaps of threats.. More intel dissemination = More linkages = More threat coverage #panwchat

— Robert Falc (@r0bf4lc) December 17, 2015

A9 Threat research is key for the security part of "cybersecurity". More and better sharing is critical - no more IOC hoarding! #PANWchat

— Jen Miller Osborn (@jadefh) December 17, 2015

@ireo Completely agree, adversaries share attack data, why shouldn't we? #panwchatpic.twitter.com/sFQn6YQYdj

— Bryan (@obiwanblee) December 17, 2015

Thank you to everyone who participated in and followed the #PANWchat. We look forward to doing more of these chats in the future.

In the meantime, make sure to follow @Unit42_Intel for the latest research reports and news from Unit 42, the Palo Alto Networks threat intelligence team.