Hackers are developing sophisticated attacks that will use advanced technologies and previously undiscovered Heartbleed-level vulnerabilities to infiltrate business systems, according to Trend Micro.
The security firm outlined evidence of the increased threat in its Security Predictions for 2015 and Beyond: The Invisible Becomes Visible report, highlighting open source vulnerabilities, dark web forums and the Internet of Things (IoT) as particularly pressing concerns.
Trend Micro cited the recently discovered Heartbleed and Shellshock vulnerabilities as proof of the threat posed by open source projects, arguing that they have spurred criminals to hunt for similar flaws.
"Vulnerabilities in open source protocols like Heartbleed and command processors like Shellshock that remained undetected for years were heavily exploited this year, leading to serious repercussions," read the report.
"Just hours after the initial discovery of Shellshock, we saw several malware payloads in the wild. Attackers will continue their search for seemingly dormant vulnerabilities like Heartbleed and Shellshock in the coming years.
"They will keep tabs on oft-forgotten platforms, protocols and software and rely on irresponsible coding practices to get to their targets."
Heartbleed is a critical flaw in the OpenSSL implementation of the Transport Layer Security protocol used by millions of web servers around the world that was discovered in April by researchers at a Finnish company called Codenomicon.
Shellshock is a separate flaw in the Bash code used by Unix and Unix-like systems that was uncovered in September.
Trend Micro also reported seeing evidence of criminals increasing their use of the dark web following the successful take down of several prominent botnet campaigns, including GameOver Zeus.
The firm said the news is troubling as it will increase the expense and manpower needed to track and take down criminal gangs.
"As the bad guys move deeper into [the dark web], security firms and law enforcers need to extend their reach to cover the deep web and dark net services. This will require greater effort and investment," read the report.
"Security firms should continue to provide threat intelligence to help law enforcers catch perpetrators.
"Lawmakers worldwide, meanwhile, need to agree on what constitutes cybercrime to help enforcers, regardless of jurisdiction, bring the bad guys to justice."
Interpol opened a Global Complex for Innovation information centre in October which it hopes will become an international nerve centre in the fight against cybercrime.
Trend Micro said it also expects hackers to begin targeting newly connected IoT devices, including smart cars, as early as 2015.
"As attackers begin to better understand the IoT ecosystem, they will employ scarier tactics akin to ransomware and scareware to extort money from or blackmail device users," read the report.
"They can, for instance, hold smart car drivers hostage until they pay up when the vehicles officially hit the road in 2015."
Trend Micro is one of many firms to warn of the increased security risk of the IoT for companies and the general public.
Experts from McAfee and Kaspersky said during an interview with V3 in September that the risks facing manufacturing firms is particularly dangerous.
For more information on the internet of things and security, visit the Intel IT Center.
12 of the 32 stars observed feature rings and gaps that are usually carved by planets in the process of formation
Overhaul to parachuting system and the ability to export clips from replays also coming to PUBG
The experiment is currently underway at South Korea's Yangyang Underground Laboratory
Exoplanet HAT-P-11b is located about 124 light years from Earth