Five maJor cyber security tHreats anD How to combat tHem
The threat landscape is changing with the advent of new technologies and devices that are interconnected. Here we discuss the five latest security threats and steps to combat them
I– n past few years, we have witnessed various attacks, from industries to consumers. Attackers can target anyone and even a small loophole can become a drastic fall for you. The 2016 threat predictions from Intel Security covered a gamut of trends, from the likely threats around ransomware, attacks on automobile systems, infrastructure attacks, and the warehousing and sale of stolen data. A detailed insight is as follows:
Hardware: Attacks on all types of hardware and firmware are likely to continue, and the market for tools that make them possible is expected to expand and grow. Virtual machines could be targeted with system firmware rootkits.
Ransomware: Anonymizing networks and payment methods could continue to fuel the major and rapidly growing threat of ransomware. In 2016, greater numbers of inexperienced cybercriminals leveraged ransomware-as-a-service offerings which could further accelerate the growth of ransomware. This is likely to become one of the most frequent modes of cyber-attacks that both organizations and customers will face this year.
Wearables: Although each wearable device stores a relatively small amount of personal information, wearable platforms could be targeted by cybercriminals working to compromise the smartphones used to manage them. The industry will need to work together to protect potential attack surfaces such as operating system kernels, networking and Wi-Fi software, user interfaces, memory, local files and storage systems, virtual machines, web apps, and access control and security software.
Attacks through employee systems: Organizations will continue to improve their security postures, implement the latest security technologies, work to hire talented and experienced people, create effective policies, and remain vigilant. Thus, attackers are likely to shift their focus and increasingly attack enterprises through their employees, by targeting, among other things, employees’ relatively insecure home systems to gain access to corporate networks. After all, it is often said that humans are the weakest link in security.
Cloud services: Cybercriminals could seek to exploit weak or ignored corporate security policies established to protect cloud services. Home to an increasing amount of business confidential information, such services, if exploited, could compromise organizational business strategy, company portfolio strategies, next-generation innovations, financials, acquisition and divestiture plans, employee data, and other data.
Open Source Software at the risk: With its inherent characteristics to significantly reduce costs, free ‘open source’ software (OSS) is growing in popularity with SMEs and start-ups. Whilst OSS is inherently flexible for developers to modify the code, it is also publicly available to cybercriminals and malicious users. This, then, raises concerns when SMEs choose to implement free security OSS into their businesses over closed proprietary applications. Cybercriminals are very much aware that SMEs often lack adequate security practices and infrastructure given that many don’t have the time, budget and expertise to coordinate an effective security solution. Security shouldn’t be an area anyone should skimp on. After all, intellectual property is what makes companies profitable. It needs to be secure.