As the end of 2016 approaches, we enter the period when security vendors publish their predictions for what cyber threats may emerge in 2017.
Whilst 2016 will be remembered as the year of the data breach, several obvious threats are likely to feature in the next 12 months:
Mobile – Whilst a predicted rise in attacks against mobile devices has been repeatedly predicted for a number of years, many experts believe that 2017 really will be the year of significant attacks against mobile devices. As this threat continues to grow and businesses increasingly utilise Bring Your Own Devices in the workplace, corporate breaches that originate on mobile devices will become a more significant corporate security concern.
Internet of Things (IoT) – The threat from IoT devices has been starkly highlighted in the past few weeks with the creation and exploitation of IoT botnets used in record breaking DDoS attacks. A botnet variant called Mirai was identified by security firms as being the tool used to find and compromise insecure IoT devices. The ability to bring down some of the world’s biggest websites and more recently an entire nation’s (Liberia) internet connection suggests that DDOS attacks using IoT botnets are likely to grow even larger in scale.
As more IoT devices are connected in 2017, the threat surface will increase accordingly.
Cloud - An attack to disrupt or take down a major cloud provider has the potential to affect a number of customers’ businesses. As more organizations start to utilise cloud services, these attacks are likely to start finding their way into this new infrastructure, either by encrypted files spreading cloud to cloud or by malicious actors using the cloud as a volume multiplier.
Ransomware – In 2016 the threat from Ransomware rose dramatically with more advanced variants bringing in millions of Dollars of ransom money to cybercriminals. Ransomware is highly effective and is now the most profitable malware type in history. New variants of the malware are likely to aim for higher value targets next year such as company databases. By hitting an organisation where it hurts the attackers will be able to demand more ransom money.
Can you counter these threats?
No-one can 100% guarantee that you won’t fall victim to these threats, but you can reduce them dramatically by implementing relatively simple measures such as ensuring you have a plan in case disaster strikes and ensure that you regularly backup your most important data.
According to the UK government, developing a cyber aware culture through training can reduce the cyber threat by as much as 80%.
With New EU (GDPR) legislation is due to come into force in May 2018 that will severely punish organisations that do not adequately protect their customer’s data it would be a good idea to get your organisation as secure as possible.
You can greatly reduce the cyber threat through education. Course such as our Cyber Security Fundamentals and Cyber Executive Awareness courses teach execs and employees the basics of cyber security. They give an overview of the cyber threat landscape, threats and the associated risks with cyber and the impact a breach can have on both businesses and individuals.
For more information give us a call on +44 (0) 207 887 2699