Over the past couple of years, cybersecurity has become an increasing concern for organisations and individuals alike. As mankind continues to advance towards a digital landscape, invisible threats continue to cause havoc in the digital realm. Cybercrime evolves along with the evolution of technology. And hackers seemingly find newer ways to swindle individuals and organisations alike. The previous year saw a peak rise in the number and scale in cybercrime. While many believe that the only way to counter hacking is to learn from past mistakes. However, many believe that the best way to counter cyberattacks is to understand them and be prepared in advance.
So, we’ve listed out the latest threats to cybersecurity to watch out for 2018.
Ransomware on the rise
Ransomware is simply a form of malware which holds data ‘hostage’. Hackers can get into a system, encrypt the data and demand the data’s owner for money in exchange of the decryption key.
May of last year saw one of the most destructive ransomware attacks which affected more than 230,000 computers across 150 countries. Labelled the WannaCry Ransomware hack, the masterminds behind the attack were able to exploit a Microsoft security vulnerability called EternalBlue, to hack into Windows PCs. However, Windows operating systems were not the only victims of ransomware attacks, though being the most popular targets is no longer such a major concern given the wide selection of antivirus software for PC. The Mac iOS, Linux and smartphones as well are being targeted as well.
Industry experts predict that ransomware attacks would continue to plague the cyber landscape in 2018. However, the target for potential victims of ransomware would shift to cloud computing businesses, who hold massive amounts of data. The best and most simple way to render ransomware hackers powerless is to back up your data.
Internet of Things as a big vulnerability
Everything now is connected to the internet. From digital watches and household appliances to automobiles, as well as a range of medical equipment. While companies who manufacture these devices, called botnets, a majority of them are not secure. Through these vulnerable botnets, hackers would be able to leverage thousands of connected devices to carry out large-scale DDoS attacks, by taking complete control over or crippling digital infrastructure. They can also exploit these devices to gain access to private data.
In 2016, parts of the internet were crippled due to a DDoS attack that was launched from an IoT botnet connected to the service provider, Dyn. Major websites and companies like Netflix, Twitter, CNN, the Guardian and Reddit were victims of the attack.
Even major companies like Amazon, Apple and Google who provide various IoT services, such as voice assistants and smart locks have been shown to include vulnerabilities which hackers can exploit to their advantage.
Hackernoon suggests an easy, but efficient way to make it difficult for hackers to gain access to botnets. Simply change the default router password to one of your own. On top that, keep unique passwords for each device and change them as often as possible. However, changing passwords is not completely foolproof.
Whaling – the next level of phishing
While it’s important to keep an eye out for newer threats and come up with counter-measures to them. It’s also equally important to be wary of older threats. Individuals and organisations alike easily fall victim to social engineering attacks. In fact, companies are nearly three times more likely to become victims of phishing, or rather ‘whaling’ – basically when malicious hackers target large organisations since they have bigger databases.
It only takes one error to compromise an entire organisation. An employee who fails to recognize an email phishing threat or clicks on a malicious link, would not only be giving hackers access to their own system, but to a network of systems.
And that is why it’s a good idea to create an awareness among employees about cybersecurity protocols to follow to avoid an attack, or what to do in the wake of one. It would also be a good idea to invest in state-of-the-art cybersecurity technology or software.