At the beginning of the year, PC World compiled a list of five security threats that they predicted would have major impacts in 2015. In this blog, we’ll take a look back at their predictions and probe deeper into how these threats are affecting businesses.
1. Internet of Things (IoT)
PC World cleverly labeled IoT as “the Insecurity of Things,” and suspected that these technologies would turn into large bullseyes for intruders to target. Smart TVs, home security, and wearables are a few of the internet-capable devices that are getting the most attention. When you take all of these devices and connect them, you get a big data sweet spot for criminals to chew on. According to Dark Reading, “As the amount and value of this data increases, its value as an attack target could increase – both attacks that steal private information or manipulate it and damage its integrity.”
2. Sophisticated DDoS Attacks
As PC World explained, the purpose of DDoS attacks is to disrupt, distort, and in some cases, disable. But these attacks aren’t typically linked to grand-scale identity theft. That is until now, as DDoS attacks have progressed to violate user privacy. For instance, Hola VPN, a free peer-to-peer network service that offers users access to geoblocked content, has been flagged for being maliciously dangerous. The software has remote code execution and client-enabled tracking flaws. Given that Hola service depends on the collective network of users, individual networks could be compromised without users even knowing what type of activity these networks are used for.
3. Social Media Attacks
At the beginning of the year, United Press International and the New York Post had their Twitter accounts hacked. Is this just the beginning of these types of social sabotages? Kevin Epstein, VP of advanced security and governance at Proofpoint, certainly thinks so. He expects “inappropriate or malicious social media content to grow 400%.” Enterprise social media accounts that live on Twitter, LinkedIn, and Facebook are easy vessels to distribute malware or simply destroy credibility.
4. Mobile Malware
Speaking of malware, just as social media sites are targets, mobile devices are naturally glowing targets for cybercriminals as well. There is a high volume of new mobile malware threats ready to pounce all over the mobile workforce. As mobile continues to gain popularity for day-to-day business activity, we will see more “mobile ransomware” incidents. In typical ransom fashion, ZDNet explains that mobile variants will encrypt phone data and demand payment for its return.
5. Third-party Attacks
Why go through a hard-hitting security defense when you can go around it instead? That’s the question cybercriminals have been asking themselves, and they’ve found a solid workaround: third-party vendors. These vendors are the perfect target because they have all of the network validations and credentials from various corporations. 40 million Target customers, 15,000 Boston Medical Center patients, and 868,000 Goodwill customers were the latest victims of third-party attacks.