Story image

Where to focus your threat protection strategies this year

23 Jan 2018

The threat posed by cybercrime to businesses, governments and consumers alike has never been more apparent. While awareness of cyber threats may be at an all-time high, attacks are still both prevalent and successful.

Cyber attacks have existed almost since the Internet was born. Some might think that by now organisations would have come to a point where they are a step ahead of criminals. Unfortunately, the constantly changing and complex nature of cyber threats makes it extremely difficult for organisations to keep abreast of the issues and prevent the next attack from happening.

Understanding where the threat comes from, and the techniques cyber criminals employ to expand their reach and cause more damage is the first step towards building winning cyber security strategies.

Here we examine the top cyber security trends that will shape-up the cyber threat landscape in 2018:

Panic around data breach notification laws

New regulations will likely create a wave of panic among public and private organisations, as many of them do not have the right solutions and systems in place to identify data breaches, have a clear view of the data compromised, and take mitigation actions.

Ransomware to get sneakier

Since ransomware is so profitable for hackers, we expect this type of vicious attack to become even more sneaky. Next year, we’ll see more and more of ransomware being used to cover other infections.

Most people are now aware of how the ransomware business model works, so it will be easy to add information stealers to it that may go undetected. We’ll also see more of ransomware as blackmail – encrypted files being uploaded to attacks and released publicly if the ransom is not paid. For example, photos for consumers and confidential documents for businesses are increasingly used by hackers to extort money.

It is going to take major action and co-operation between many different law enforcement agencies around the world to event attempt to shut these activities down, or at decrease the number of successful attack to occur.

It’s critical that both businesses and individuals take action to educate themselves on how to protect their computers and networks to mitigate the risks of ransomware attacks. Here’s a helpful prevention guide.

IoT devices and wearables will increase the surface of attack

The risks to personal data sovereignty that IoT devices pose are numerous: remote hijacking, spyware, personal data collection, harvesting malware and ransomware. The abundance of connected home devices and personal assistants gives yet another channel to hackers, with potentially devastating effects.

With consumers and business owners alike often unaware of the security measures and how much of their private data is been consumed through each device, we are likely to see an increase in these sorts of attacks.

With cyber threats to be more prevalent than ever this year, it is critical companies take action to give themselves the best possible protection. The beginning of the New Year is a great time to reassess their current protection levels.  To determine the best approach, a good place to start is seeking advice from reputable security experts and/or vendors who can advise on the best next steps for any business.

Article by Webroot information security analyst Dan Slattery.

ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.