As we enter 2018, The cyber landscape is changing once again. Technology continues to evolve, and so does the threat to our online safety. Last year saw a rise in cybercrime like never before, and the next twelve months predict no change in this pattern. The only way to keep yourself safe from online attacks is understanding thoroughly the threats before they happen.
Like most years, 2017 saw a global rise in cybersecurity threats, with the types of attacks transforming to never before seen heights. Well-known ‘players’ such as phishing still caused widespread havoc, with more than 76% of organizations reporting attacks. A new iteration, known as whaling, which targets company CEOs and Executives, also gained popularity.
However, by far the most destructive attack of the year – and potentially in all of history – was the WannaCry ransomware hack in May. The malware took down more than 230,000 computers in 150 countries. Victims included individuals, large companies such as Telefónica, FedEx, and Deutsche Bahn, and even the British National Health Service.
It wasn’t just notoriously vulnerable Windows PCs that were hit in 2017. In April, MacAfee published a report stating malware on MacOS was up 744%! Alongside this, 1.5 million incidents of mobile viruses were detected.
A quick look at the forecasted cybersecurity threats in 2018 suggests this problem is going nowhere fast. The only way to avoid a repeat of the global hacks of 2017 is to increase cybersecurity awareness.
We’ve highlighted the most prevalent risks of the upcoming year so you can take pre-emptive action now.
Machine Learning Enabled Attacks
Recent advances in AI have been significant. Most of the leading tech-giants have already released home automation hardware, which provides users with their own AI assistant. However, while development of products such as Amazon Echo, Apple HomeKit, and Google Home afford unmatched convenience in the home, their groundwork has paved the way for a whole new brand of cyberattack.
Firstly, the sophisticated analysis tools used in AI assistants has also been implemented by cybercriminals. According to Intel Security, machine learning is used to scope vast amounts of public domain data for profitable targets. Already unleashed globally, this tactic is set to increase cyberattacks in 2018 significantly.
Furthermore, home automation assistants offer a new form of data interception. The systems record your voice, and the parent companies store these sound snippets. Although the recording is set to start when triggered by a specific phrase, their tendency to malfunction means your conversations could be cached without your knowledge.
This vulnerability represents the tip of a larger problem. 2018 may be the year that IoT cybercrime reaches full-throttle.
Attacks on the Internet of Things (IoT)
“When it comes to the Internet of Things (IoT), we’re only seeing the tip of the iceberg for security breaches” – Xu Zou, CEO OF Zu Zou
Considering nearly half of US firms suffered security breaches in 2017 due to their Internet of Things (IoT) network, this quote by the co-founder of the security firm, Zu Zou, may seem surprising. However, we’re yet to see the full power that can be unleashed using IoT hacks.
After two years of notable attacks, security protocols of IoT devices still aren’t adequately prioritized. For now, they provide easily-breached back-doors to entire company eco-systems.
For IoT users at home, the threat is even more worrying. If a hacker successfully gains virtual access, it’s easy for them to get onsite by manipulating door and security camera controls.
Until there is a ubiquitous solution for IoT cyber protection, the frequency and severity of these attacks will increase.
Attacks to the Cloud
The cloud has fast become an irreplaceable part of computer technology. As remote work and communication increase, more organizations are choosing to base their network on these online portals.
Trave Harmon from Triton Computer Corp even predicts, “traditional IT will be overtaken by cloud-based services and on-demand services.”
Unsurprisingly, the cloud has become a prime hack target. The last few years have seen numerous breaches and raised serious questions about security. In 2018, new regulations will vastly change cloud-use for businesses.
The EU has created a General Data Protection Regulation (GDPR), which details rules for cloud providers regarding handling personal data. It includes general security requirements and protocols for data requests by governments and law enforcement. Some cloud providers, including Amazon Web Services (AWS), have already voluntarily signed-up.
Although the act aims to increase security, it may impede companies that heavily rely on cloud-based storage. Furthermore, it will act as a catalyst for the development of new Cloud hacking techniques by cybercriminals.
Ransomware first reared its ugly head in 2012. Since then, the scam has grown to global heights. Once your computer is infected, the malware will shut down all programs until a monetary ransom is paid. Already, we have seen entire systems brought to a standstill.
The brilliance of ransomware is how easy it is to contract, versus the immediate payoff for criminals. You can fall victim through phishing emails, visiting malicious websites or downloading software. Once it takes hold, the easiest solution is to pay the ransom.
In 2018, ransomware on individual users will continue to rise. Those who are less technically-literate, such as older citizens, are more likely to fall for the scams.
Conversations have also taken place regarding the use of ransomware in cyber-warfare. The 2017 WannaCry attack forced the UK NHS to cut back to emergency services; patients were unable to book appointments and staff had no access to records. As allegations began to fly that North Korea was behind the attack, serious questions were raised about the power of ransomware in international conflict.
Single Point of Failure Attacks
Much like the implication of machine learning enabled attacks, hackers are always searching for ways to streamline their process. Instead of targeting millions of individual people, we will see a greater focus on large company hacks in 2018. By honing their focus, criminals can extract lots of information from a single system intrusion.
We have already seen the potential for attacks of this nature in 2017. LastPass was shamed when an epic security hole was discovered that could have leaked millions of passwords to malicious hackers. Fortunately, the vulnerability was spotted before it was exploited. Similarly, credit reference agency, Equifax, had to inform 143 million customers that their data might have been breached in an attack five whole months earlier.
These large-scale cybersecurity attacks can destroy the reputation of an entire company, but it’s not just the business who are under threat. Our personal data is stored in more places than we even realize; one negligent company and you could be a victim of identity theft or fraud.
Know What to Look For So You are Never Left in a Lurch
As cybercrime increases so do online security protocols. Good personal practices are your strongest weapon against hackers.
Follow the tips for efficient and straightforward cybersecurity solutions:
- Invest in a top-rated antivirus suite and perform regular checks
- Use unique, complex passwords and change them frequently
- Properly vet third-party apps and downloads
- Keep all software up-to-date
- Always use a Virtual Private Network (VPN) on public Wi-Fi hotspots
- Review social media privacy settings
- Request your information removed from as many public records as possible.
Though the cybersecurity forecast for 2018 may seem bleak, it’s merely a call for less ambivalence around online security. Knowing the risks, and how to protect yourself, will keep your data safe in the year to come.