Social networks and mobile devices will continue to be growth areas for criminal activity. Hackers are also expected to direct their attention to the Internet of Things, which will create a much larger pool of potential targets. People who normally patch their computers may forget to patch everything else they own that is network-connected.
Attackers will continuously innovate and change tactics. Multi-step attacks will become more prevalent. Examples include the use of a DDoS attack to hide the actual exfiltration of data from a network. The report also predicts more malware capable of evading analyses.
Subscribing to hacking services is expected to grow in popularity. Such services will lower the bar for getting involved in cybercrime by letting criminals outsource the technical requirements.
The RAND Corp. based the study, entitled "Markets for Cybercrime Tools and Stolen Data," on more than two-dozen interviews with cybersecurity and related experts, including academics, security researchers, news reporters, security vendors and law enforcement officials. Juniper Networks sponsored the study.