617.938.6200
October is National Cyber Security Awareness month, so we at NSK put together the biggest cyber security threats you and your company should watch out for in 2016.
1. Mobile Devices
Mobile devices provide numerous risks for users. They contain sensitive information such as bank account credentials, PINS, keystrokes, screenshots, and contacts. This data can be accessed through malware, malicious apps, or even if the user’s phone is stolen or lost. Lack of user education is a big contributor to mobile device security threats.
2. The Cloud
With more and more businesses moving their data onto the cloud, it has become increasingly attractive to hackers. Hackers will exploit vulnerabilities and employ many techniques to breach data stored in the cloud, including:
- Social engineering to mimic login screens and access cloud credentials
- Exploiting comprised credentials and lax authentication
- Unsecure APIs and interfaces
- Account hijacking
3. Internet of Things and Smart Devices
The Internet of Things has led to many technological improvements, but also many risks. Smart cars, coffee makers, wearable devices, door locks, baby monitors, and other smart devices can be hacked and used for Botnet armies, to steal information, or even to collide cars on the road. Chrysler recalled 1.4 million cars in July of 2015 for being “hackable.”
This affects the healthcare industry as well. 2015 saw a rise in hackers stealing medical information from healthcare companies, but it also brought the possibility of hackable medical tech. “In August of 2015, the Department of Homeland Security (DHS) and the Federal Drug Administration (FDA) recommended that medical facilities cease use of a certain computerized medicine pump because of its vulnerability to hacking.” If the pump was accessed remotely, a hacker could change the dose of medicine the patient was receiving.
Most recently, cyber-criminals used data from thousands of IoT devices to bombard computer-security journalist Brian Krebs with bits of meaningless data, temporarily shutting down Krebs’ website.
“The attacks raise questions about the security of the much-vaunted Internet of Things (IoT),” wrote The Boston Globe, “in which everyday objects from home appliances to door locks, cars, and digital video recorders are connected over a network and can be controlled remotely.”
With 6.4 million IoT devices currently in existence, and a projected 20.8 million by 2020, this is a huge security issue.
4. EMV Chip Credit and Debit Cards
While nearly 80 countries who switched to chip cards saw a reduction in point-of-sale fraud, “Card-Not-Present (CNP) fraud will grow from $10 billion in 2014 to more than $19 billion in 2018.” After being thwarted from point-of-sale fraud, hackers have focused on CNP and online fraud. Canada’s online fraud, for example, has doubled since EMV cards were implemented.
5. Extortion Hacks
There has been a new kind of extortion hack on the rise, which is essentially cyber blackmail. Instead of simply locking users out of their systems and devices until those users pay up, hackers are now threatening to release damaging information about individuals or organizations unless they are paid. This extortion technique was used in 2015 with dating website Ashley Madison, when millions of users, who were on the site to have extramarital affairs, had their information exposed to the public.
(images curtesy of Google Images)