The Most Critical Cyber Threats in 2016
Security Researchers have identified four cyber threats which may pose the greatest risk to businesses and indivuals. First, the Rise of the IoT Zombie Botnet: There are many who say that 2015 was the year of the Internet of
Things; but it was also the year the Internet of Things got hacked.
Connected cars, medical devices, Barbie dolls and skateboards were just a few items shown to be vulnerable to hackers this year. If 2015 was the year of proof-of-concept attacks against IoT devices,
2016 will be the year we see many of these concept attacks move to
reality. One trend we’ve already spotted is the commandeering of IoT
devices for botnets. Instead of hackers hijacking your laptop for their
zombie army, they will commandeer large networks of IoT devices—like
CCTV surveillance cameras, smart TVs, and home automation systems. Second, Chip-and-PIN Innovations: Any time the security community closes one avenue of attack, hackers
adapt and find another. When retailers stopped storing customer credit
card numbers and transactions in databases, hackers sniffed their
networks to grab the unencrypted data live as it was sent to banks for
authentication. When retailers encrypted that live data in transit to
prevent sniffing, attackers installed malware on point-of-sale readers
to grab data as the card got swiped and before the system encrypted the
numbers. Thirdly, attacks That Change or Manipulate Data: In testimony this year, James Clapper, the director of national intelligence, told Congress that cyber operations that change or manipulate data in order to compromise its integrity—instead
of deleting or releasing stolen data—is our next nightmare. Mike
Rogers, head of the NSA and US Cyber Command said the same thing. And finally, Extortion Hacks: Following the Sony hack in late 2014, we predicted that hacker
shakedowns would increase in 2015. By shakedown, we were referring not
to standard ransomware attacks, whereby malware encrypts or otherwise
locks access to a victim’s computer until the victim pays a ransom. We
meant extortion hacks where attackers threaten to release
sensitive company or customer data if the victim doesn’t pay up or meet
some other demand. With these attacks, even if you have backed up your
data and don’t care that hackers have locked you out of your system,
public release of the data could ruin you and your customers. Which cyber threats do you anticipate as the greatest risks for 2016? Share your comments with the Cloud and Cyber Security Center.
Connected cars, medical devices, Barbie dolls and skateboards were just a few items shown to be vulnerable to hackers this year. If 2015 was the year of proof-of-concept attacks against IoT devices,
2016 will be the year we see many of these concept attacks move to
reality. One trend we’ve already spotted is the commandeering of IoT
devices for botnets. Instead of hackers hijacking your laptop for their
zombie army, they will commandeer large networks of IoT devices—like
CCTV surveillance cameras, smart TVs, and home automation systems. Second, Chip-and-PIN Innovations: Any time the security community closes one avenue of attack, hackers
adapt and find another. When retailers stopped storing customer credit
card numbers and transactions in databases, hackers sniffed their
networks to grab the unencrypted data live as it was sent to banks for
authentication. When retailers encrypted that live data in transit to
prevent sniffing, attackers installed malware on point-of-sale readers
to grab data as the card got swiped and before the system encrypted the
numbers. Thirdly, attacks That Change or Manipulate Data: In testimony this year, James Clapper, the director of national intelligence, told Congress that cyber operations that change or manipulate data in order to compromise its integrity—instead
of deleting or releasing stolen data—is our next nightmare. Mike
Rogers, head of the NSA and US Cyber Command said the same thing. And finally, Extortion Hacks: Following the Sony hack in late 2014, we predicted that hacker
shakedowns would increase in 2015. By shakedown, we were referring not
to standard ransomware attacks, whereby malware encrypts or otherwise
locks access to a victim’s computer until the victim pays a ransom. We
meant extortion hacks where attackers threaten to release
sensitive company or customer data if the victim doesn’t pay up or meet
some other demand. With these attacks, even if you have backed up your
data and don’t care that hackers have locked you out of your system,
public release of the data could ruin you and your customers. Which cyber threats do you anticipate as the greatest risks for 2016? Share your comments with the Cloud and Cyber Security Center. 
No comments:
Post a Comment