Cyber Security Predictions For the Rest of 2018
Reading Time: 3 minutesWe’ve analyzed trends in cyber crime and frauds established in 2017 and made several assumptions we expect to hold true throughout 2018. Prepare your business for them while it’s not too late.
Ransomware: weapon of choice 2018
Having found one of the most vulnerable spots of today’s cyber infrastructure, hackers do not simply stop exploiting it. Petya/NotPetya, WannaCry, and other ransomware attacks proved exceptionally successful, so they are likely to start a trend. Creating ransomware doesn’t require extensive qualifications, and cryptocurrencies make its origin almost untraceable. With that said, there will probably be an outbreak of ransomware attacks. They’ll likely evolve towards blackmailing users based on the content found on their devices, and attacking healthcare industry with its vast network of internet-connected equipment, predominantly weak security, and potentially lucrative gains.
General Data Protection Regulation
GDPR is a set of regulations that require businesses to protect personal data of their EU users. Its rather vague wording and stringent sanctions for non-compliance will cause many companies a hard-time and great spendings. Enforceable from May 25, 2018, it will force a significant shift in security practices of companies working in the EU.
72% of the US respondents would boycott a company that showed disregard for the protection of their privacy. Click To TweetTwo-factor authorisation gets cracked
SS7 telephony protocol which is used in most telephone networks in the world has long been known to have a vulnerability. This vulnerability allows sophisticated third-parties to track a cell phone’s movements, eavesdrop on user’s conversations, redirect calls and messages. In 2017, German O2-Telefonica confirmed cybercriminals using SS7 vulnerability to bypass 2-factor authorisation and make unauthorised withdrawals from users’ bank accounts. SS7 will persist and will surely be subject to more attacks.
IoT
Proliferation of IoT increases an attack surface in today’s cyber-connected environment. Most people don’t view IoT devices like something posing a threat, they might not even realize such devices can be hijacked. Consequently, people rarely configure their IoT properly, often leaving default settings and passwords. In fact, IoT devices can be used to steal a user’s private information, intellectual property, and to perform DDoS attacks on entire networks. It is only a matter of time before we hear about thundering cases of IoT exploitation.
Cryptojacking
Cryptojacking is unauthorized cryptomining on a user’s device, usually done via browser executive code or by planting malware on the device. Its use sky-rocketed in 2017, and it’s not going anywhere in 2018. This February, The Bad Packet Report stated to have found 34,474 sites running Coinhive, a popular JavaScript miner that adds code to your site to background-mine Monero, anonymous cryptocurrency. Cryptojacking is in its early stages, and we can expect it to develop dramatically, particularly in the IoT realm.
How do you prepare your business?
First and foremost, a little education goes a long way. Most attacks are made possible by employees’ negligence, so give your staff a crash course on corporate security, develop and introduce your digital hygiene practices, and teach your workers to stick to them. Keep your infrastructure updated.
Also, with remote work becoming more popular, your company should make using a reliable VPN solution an indispensable part of the corporate security culture. VPN Unlimited Team is a comprehensive enterprise VPN suite that allows your teams to unite under one IP address and encrypts their traffic, establishing protected connection to your business resources from anywhere in the world. To top it off, you can also secure your office network with a VPN for Routers. Choose your own solution and prepare your business for any cyber threats.
© GIPHY