Cybercrime set to expand with Internet of Things
The Internet of Things, cloud computing and virtualisation pose potential cyberthreats to policymakers globally, including Thailand, in ensuring national and economic security, say experts.
Automobile systems and wearable devices are subject to these threats. These include ransomware, malware that prevents or limits users from accessing their system and forces victims to pay a ransom to get back access to their system or data.
“The security landscape is already changing due to the arrival of the Internet of Things (IoT), also known as the Cloud of Things, mobility and big data,” said Prinya Hom-anek, founder of ACIS Professional, a local cybersecurity training firm.
Enterprises need to ensure their security readiness in their overall data management and information security to increase resilience, reduce risks and expedite recovery after disruption or disasters.
ACIS expects hacking will become an “emerging industry” in 2016 as hackers will attempt to make money from their attacks, Mr Prinya said.
The number of undefined or unknown threats is also on the rise. Some 96% of the world’s internet content is hidden and said to be deep web or invisible web, which traditional search engines cannot see or retrieve content from.
There is also a technological space called the dark web, a hidden network of websites that requires special tools to access, enabling online criminal activity.
Mr Prinya said the IoT would increase vulnerabilities in a big way.
Always-connected consumers, in particular, will face exposure to cybersecurity threats.
Thais spend an average of 5.7 hours per day using smartphones, according to a survey by the Electronic Transactions Development Agency.
A report by Fortinet, a leading cybersecurity firm, predicts that cybersecurity threats in 2016 will see further development, deploying malware that targets trusted communication protocols between IoT devices.
The IoT will become central to “land and expand” attacks in which hackers will exploit vulnerabilities in connected consumer devices to get a foothold within the corporate networks and hardware to which they are connected. Hackers will use worms and viruses designed to attack IoT devices.
Fortinet also foresees new techniques that thwart forensic investigations and hide evidence of attacks by destroying or disabling a system when they are detected.
McAfee, in collaboration with Intel Corporation, released the McAfee Labs Threats Report, which predicted attacks on all types of hardware and firmware are likely to continue in 2016. The report said the market for tools that made them possible would expand and grow.
Virtual machines could be targeted with system firmware rootkits.
Moreover, an increasing number of inexperienced cybercriminals will use ransomware-as-a-service offerings, which will increase the growth of ransomware, according to the report.
Wearable devices could be targeted by cybercriminals working to compromise the smartphones used to manage them.
Attackers are likely to shift their focus and increasingly attack enterprises through their employees by targeting employees’ relatively insecure devices or home systems to gain access to corporate networks.