As we enter 2016, we can’t help but think about some of the many events that took place in the previous year. 2015 was the year when the world of IT and information-sharing was taken to a whole new level. Cloud-based file sharing became a norm and industries all across the globe explored new ways of keeping information safe.
Needless to say, the last year did have its hit and misses.
Firstly, the positives: NESA compliance was made mandatory in UAE, public-private partnerships were set up in USA for devising better defenses against cyber-attacks, MIT launched a cyber-security initiative and BuySecure plan was formalized.
And then, there were some cyber-attacks that will forever live in infamy. The most famous of them was the Ashley Madison case, where a team of hackers broke into the dating website’s database and revealed personal clientele records to all. Sony was no exception to hacking either. Anthem and Harvard University made headlines as well.
For 2016, it seems like more headless worms, jailbreaking, ghostware, spyware, malware, machine-to-machine attacks and other cyber attacks are well on their way. Organizations will therefore need to “speed-up” their efforts to ensure data protection and security. Here’s a look at what to expect in 2016:
According to the security experts at McAfee, attacks on all firmware and hardware are likely to escalate for this year. Software will not be spared from such attacks either and rootkits will target all virtual machines.
Retail Data Hacks
The development of ecommerce and online shopping platforms has adversely affected many brick-and-mortar retail stores across the United States. Hackers now have a bigger playground to steal confidential credit card information and details from retail businesses. As a result, identity theft crimes are likely to rise.
Anonymous networks and online payment channels will also continue to fuel the growing threat of ransomware. In 2016, cyber security experts predict a staggering increase in amateur cyber criminals, who will offer ransomware-as-a-service. This means that you will be asked to pay a certain sum of money if you want to gain access to your computer and access your information online.
Perhaps the biggest and most sinister of all cyber security threats for 2016 will be the stealthy and selective compromises to your data and system’s integrity. Such attacks will involve confiscating and modifying certain data or transactions, in favor of the attacker. For this year, banks and financial institutions will be at great risk from such attacks as the perpetrators will target millions of dollars’ worth of holdings.
Cyber criminals are likely to exploit insufficient corporate policies implemented to keep cloud information safe. If cloud-based information is not adequately protected, a business’s existence is at stake. This includes all confidential financial data, company portfolio strategies, diversification plans, major acquisition plans, employee personal and payroll data and any patent technologies (trademark, brand name and secret formula).
This is an ongoing cyber threat, which is expected to gain momentum in 2016. Experts predict that the dark market for hacking services and malware code will enable cyber-espionage for both public and private sector organization. Such a malware will be used by perpetrators to obtain insights to financial intelligence-gathering and inside trading. The information can be used to tilt market conditions in their own favor. Rival superpowers are also relying on cyber espionage to gain control of each other’s territories by proliferating national defense details.
Advanced Persistent Threats (APT)
A combination of stealthy and continuous hacking processes, APT is often orchestrated by individuals to target business organizations. With the advancement of technology, hackers are finding new tools and techniques to maintain the covertness necessary for successful APT. External command and control systems continuously monitor and extract data from a given target.
Automobile System Attacks
The automobile industry faces cyber threats on two fronts. Firstly, their information system is always susceptible to data breaches. Secondly, the connected automobile systems in their vehicles will be at a risk of potential exploitation, if they fail to meet the best practice and security policies. Some of the most common vehicle system cyber-attacks will focus on Engine Control Units (ECUs), Advanced Driver Assistance Systems, Engine and Transmission ECUs, Passive Keyless Entries, V2X Receivers, Remote Link Apps, OBD IIs and Smartphone Access.
Big Data Cracks
Over the past few years, big data (such as Apache Hadoop) has been making news. Industries are investing heavily in big data management as a cost-saving strategy. However, there is a robust black market for all stolen personal information and usernames that puts big data management at a significant risk. For this year, the pattern and number of attacks on big data is likely to change - if left unchecked.
Social Media Attacks
Facebook, Twitter, Instagram, Pinterest and several other social media networks will continue to surge in terms of popularity and number of users. Many of the times, social media security is taken for granted - by both individuals and corporations alike. In 2016, all your social media content will be susceptible to loss and illicit use (especially photos and videos shared). Hackers are likely to make use of your social media content for their own dark purposes.
Healthcare Database Attacks
In 2015, Anthem Health Insurance and Medicare Group witnessed a massive data breach that affected the lives of over 79 million of its customers. The UCLA Health System Computer Network was hacked and the intruders used all personal medical records to incur identity theft and insurance fraud crimes. They also sold fraudulent prescriptions. In 2016, healthcare and finance are the two sectors most susceptible to cyber-attacks.
By providing an insight into our professional and personal lives, Internet of Things (IoT) attacks emerge at a time when the security risks to our personal data have never been greater. Experts predict that there are, on an average, at least thirteen enterprise breaches in a day- resulting in a loss of about 10 million records. IoT attacks are classified into three main categories: IoT against Devices (e.g. connected security cameras and their functions), IoT against Communications (e.g. data hacking) and IoT against Master Devices (e.g. against cloud service providers).
Supervisory Control and Data Supervision (SCADA) is a system used for remote monitoring and control. It operates through coded signals over different communication channels. Hackers found several loopholes in SCADA system during the previous year, making several small dish satellite systems susceptible to cyber-attacks. In 2016, SCADA attacks are expected to escalate.
This does not mean that there are no controls and check-and-balances available against such controls though. To learn more about the cyber-attacks that are likely to reshape 2016 and how to devise an effective counter strategy on a proactive basis, please contact us today!