New Frontier - IoT, email, cloud threats
In just months, large-scale cyber breaches including WannaCry and Petya ransomware attacks shook up businesses around the world. This reinforced the need to secure critical assets and prevent data loss. Looking beyond traditional desktops and servers,businesses need to start protectingother platforms that are ripe targets forcyber criminals, according to Sherif El-Nabawi, Senior Director, Systems Engineering, Asia Pacific.
The widespread use of mobile devices and the mainstream adoption of cloud and Internet of Things (IoT) technologies haveopened whole new platforms for cybercrime.Symantec’s Internet Security Threat Report (ISTR) Volume 22 revealed that many emerging threats against these increasingly popularplatforms wereobserved in 2016 and are likely to continue this year .
When it comes to IoT devices, many would think of smart watches and smart home assistants including Google Home or Amazon Echo. However, themost commonly targeted devicecould be something as simple as routers or internet-connected cameras.
An experiment conducted by Symantec called “IoT honeypot”found a two-fold increase in attempted attacks against IoT devices over the course of 2016.The average device was attacked once every two minutes even at the peak of activity.
Unlike a desktop computer or laptop, which will typically have security software installed and receive automatic security updates, an IoT device’s only protection is usually just an easily guessed default user name and password. Default passwords are still the biggest security weakness for IoT devices, and the most common password tested by attackers is “admin”.
According to Gartner, anAmerican IT research and advisory firm, 8.4 billion connected “things” will be in use in 2017, an increase of31 percent from 2016, and will be reaching 20.4 billion by 2020 . While manufactures should take the lead in the security of the products that are released in the market, it is equally important that businesses shouldalso be aware of the risks and vulnerabilities these devices are exposed to.
The most noteworthy trend observed through 2016 was the rise of email malware rates. The rate jumped from 1 in 220emails ratio in 2015 to 1 in 131 emails ratio in 2016. These malicious emails hit businesses of all sizes, commonly disguised as an invoice or receipt with an attachment.