Are You Prepared for These 4 Top Security Threats?
The year just past was a record one for cyberattacks. Most organizations are now targeted by hackers, some more than once. Here are four security threats your organization will likely encounter in 2017.
A Year of Increased Risks Ahead
“Many worldwide are celebrating the fact that we’ve just left the rough year of 2016 behind us, but make no mistake: 2017 has the potential to be just as difficult,” cautions Alex Vaystikh, chief technology officer at SecBI. “In the field of cyber security alone, we are facing sophisticated new threats with the capacity to devastate businesses that aren’t adequately prepared. Perhaps more so than ever before, we must be vigilant in our fight against hackers and cyber criminals.” Vaystikh has identified four specific cyber security trends that he believes will become major news in 2017.”
Ransomware will Merge with Data-Stealing Malware
“I believe we will see ransomware becoming more intelligent this year and merging with information-stealing malware,” Vaystikh says. “This will allow fraudsters to steal information before encrypting it. Although ransomware is certainly a quick and easy way for hackers to make money, there are always cases in which a potential victim has backup files and thus refuses to pay. However, if the hacker has stolen the information before encrypting it, he can turn around and say, ‘You know what? Pay up or I’ll leak it all.’ In 2016, we saw several cases of ransomware being used in sensitive environments such as hospitals, but without causing any significant damage. But just think what would happen if malware were used to exfiltrate patient information before it is encrypted. I think there is a very good chance we will see this kind of devastating data leak in 2017.”
Ransomware will Target Cloud-Based Databases
“In 2016, we did not see many (if any) hackers using ransomware in attacks against corporate networks,” Vaystikh notes. “Knowing that large businesses back up all of their critical files, they wisely chose information-stealing malware as their preferred tool. However, think of all the SMBs that are now moving their files to the cloud. Do you think they have backups, or would even know how to recover lost files? Once cyber criminals realize this, I’m certain we’ll see ransomware targeting cloud-based databases, where there is much less chance of backup files being available. And believe me, this wouldn’t just cause downtime for the victimized companies; it would have a significant impact on the cloud providers and infrastructures as well.”
Hackers will Begin Targeting Web Browsers
“As more and more infrastructure transitions to become cloud-based and accessible from anywhere, I predict that we will see hackers begin to target Web browsers such as Chrome, Internet Explorer and Mozilla Firefox as the weak point,” Vaystikh says. “When you think about it, browsers are essentially the operating system today. Regardless of whether you’re using Windows, Mac OS or Linux, you spend most of your time in the browser, talking on Google Hangouts, drafting documents on Google Docs, using any number of plug-ins, and more. This is a very large attack surface that hasn’t been fully exploited by hackers. I think we are poised to see an increase in malware targeting this surface in 2017. You have to understand that, once hackers find a vulnerability within a browser, they’ll have access to everybody who uses that browser, regardless of OS.”
Internet of Things (IoT) Breaches Galore
“There is a very good reason why we are seeing daily news articles breathlessly warning about the risk of IoT breaches,” according to Vaystikh. “Quite simply, IoT devices weren’t designed with security in mind! And now that we are connecting everything from refrigerators to hair dryers to the Internet, it’s just a matter of time before a significant breach occurs. In 2017, SMBs and enterprises alike will suffer breaches originating from an insecure IoT device connected to their network. The access point might be anything from a security camera or network printer to climate control or even a remote-controlled light-bulb. Imagine a hacker infiltrating an IoT camera within a corporate network. If that network also contains the company’s database center, there’s no way to stop the hacker from making a lateral move from the compromised camera to the database. “