After a tumultuous year of costly cyberattacks and data breaches in 2017, the consensus from security experts for 2018 is not encouraging: expect even more intense similar attacks, along with some new wrinkles in 2018. In this blog post, we will give an overview of the main cyber threats your company will face in the new year.
The main cyber threats of 2018 and some methods to protect your company are discussed below:
As the cost for hackers to develop and distribute different types of ransomware continues to drop, companies and individuals can expect the number of attacks to increase. It is increasingly becoming easier and cheaper to launch ransomware attacks and it is difficult to catch the perpetrators. Cybercriminals are also improving upon their efforts from earlier efforts and are developing ways to launch devastating worm attacks like WannaCry that are harder to detect. The more hackers can reduce the “noise” of their malicious files, the more rapidly the infection can spread.
Companies can expect to experience standard ransomware attacks, but many will also encounter modified ransomware attacks where the cybercriminal will lock out only a subset of files. The hackers will then demand a ransom and threaten to gradually lock out more groups of files if they don’t receive a payment.
Increased Activity of Nation State Actors
Nation states will increasingly use cyberattacks to further their objectives for two main reasons: the low cost of entry and the effectiveness of these attacks. These attacks are asymmetrical as the target nation state (and its affected companies, organizations, and individuals) generally has a difficult time discovering who the attacker is and where it originated. Thus, the attacking nation state can often realize the disruptive benefits of their low cost actions without suffering any repercussions. Experts predict that nation states will increasingly use ransomware attacks in an effort to help cover their tracks of their real intentions. They point to the worst nation state offenders as Russia, China, and North Korea who target primarily companies and organizations in the United States, Europe, and Asia.
Double-Edged Sword of Internet of Things (IOT)/Artificial Intelligence (AI)
As discussed in previous blog posts, the Internet of Things (IOT) and Artificial Intelligence (AI) offer many valuable benefits to companies and individuals, but they are both double-edged swords. On the negative side, IOT will make it easier for hackers to compromise networks because of the greater number of internet entry points. For its part, AI will make it easier for hackers to experiment and find ways to exploit weaknesses in security systems.
Most experts believe, however, that AI will be a more positive force in 2018 in terms of cybersecurity, as its problem-solving capabilities will enable companies to make up for some of the dramatic shortage in skilled cybersecurity personnel. They caution, however, that AI will also assist cybercriminals in their operations and this enhanced capability will become more detrimental as time passes.
Increased Attacks on Blockchain-Protected Transactions
Blockchain is an encryption method used to protect cryptocurrencies such as bitcoin. This method is expanding into IOT applications and banking transactions, which makes it an increasingly attractive target for cybercriminals. Since Blockchain technology itself is hard to penetrate, cybercriminals will instead focus their attention on exploiting users’ coin wallets and deceiving victims into installing tainted coin-miners on their devices. By doing this, cybercriminals will gain access to the sensitive information and resources of users that believed they were well protected by Blockchain technology.
Increased Attacks on Mobile Devices
There will be an increase in customized cyberattacks on mobile devices because of their more frequent use and the increasing trend toward remote work. According to a BCC Research report, in response to this growing threat, the mobile device security industry is expected to grow at a compound annual growth rate of 14.7%. As a result, this significant industry market will be valued at $37 billion in 2022.
Tips to Protect Your Company
In previous blog posts, we have outlined steps your company can take to protect itself against cybercriminals. In the section below is an overview of some recommended steps your company can take to fight against these cybersecurity threats:
- Protect Against the Weakest Link – Employees
Your employees remain the weakest link. Their actions and mistakes provide the easiest way for cybercriminals to access your company’s network. Make sure to provide plenty of education and training to help workers recognize spear phishing attempts and to avoid dangerous internet and email behavior.
- Don’t Skimp on Network Protection and Backup Systems
Make the investment in top line anti-virus applications and a managed firewall to maximize protection against cybercriminals. It also makes sense to invest in solutions that constantly monitor your company’s network and alert you promptly when hackers breach your defenses.
It is also important for your company to have comprehensive Backup systems in place to store all your important data. In the event of a successful cyberattack or other negative event, your company will be able to use its Backup systems to continue operations and minimize costly downtime.
In short, cybersecurity should be one of your company’s top priorities with the corresponding amount of resources devoted to it.
- Turn Off Unnecessary Services
Take the time to inventory all your company’s services and solutions that could provide internet access and make your network vulnerable. Make sure to act promptly and turn off any unnecessary or little used services.
- Conduct Vulnerability Assessments
Be proactive and conduct regular vulnerability assessments of your company’s internal and external environments. It is important to accurately understand your company’s current state of cybersecurity vs. your desired state. These assessments will help you make the right decisions on how to get to your desired state of a well-protected company.
- Consult with an IT Support Partner
This is our most important recommendation. It makes sense to consult with an expert who knows what the most dangerous cybersecurity threats are and can design and implement a comprehensive solution to best protect your company. Take the time to discuss this important matter with a trusted IT Support partner, like Network Depot. They will help your company remain secure in the dangerous world of 2018 and beyond.