Will These Really Threaten Our Online Security?
When it comes to online security, one would imagine that the rapid advancements in both hardware and software would lead to increased protection and less risk as the years go by. Unfortunately, those same advancements are also available to cyber criminals so what we are seeing is actually a rising trend among cyber attacks, as the methods get more sophisticated and the platforms become even less segmented. With the rise in popularity of mobile computing devices that use a single open source OS, the targets for cyber-attacks have only increased.
There are a number of new online security risks that have surfaced these past few years, and one would wonder if they will really threaten our online security for the long term or will they get addressed this year? These new online security threats include:
Ransomware
Last year saw the discovery of a new type of malware called Cryptolocker, which encrypts files it finds on an infected host and stores the decryption key on their own C & C server network. It uses a different encryption key for each new infection so the only ones who can decrypt the files are the makers of Cryptolocker themselves. The catch is that they ask people to pay them a ransom in exchange for the decryption key, which costs around $300 and should be settled within 72 hours or they will destroy the decryption key.
Cryptolocker’s targets were mostly individual users, who were most likely content with just reformatting their drives instead of paying the ransom, as their data usually isn’t worth hundreds of dollars. But do you know which ones do have data that are worth thousands, if not millions of dollars? Enterprises and businesses. It’s only a matter of time before Cryptolocker or new variations of it start to target large enterprises and businesses that handle so much data that it is usually more cost-effective to just pay the ransom than go through all the trouble of temporarily stopping operations just to rebuild their database.
Compromised Clouds
The cloud infrastructure has been around for quite some time, and most recently saw its popularity and use rise as companies start to realize its benefits in terms of cost savings and increased efficiency. However, it is still true that there are security risks involved, especially since not all clouds are equally well maintained and supported. If a company decides to go with a public cloud infrastructure with poor security, chances are they are merely extending the vulnerable space, which means they are increasing the number of areas that can be attacked while also limiting their ability to prevent or handle the attack immediately. Technically, the solution is to opt for a private cloud, but these types of clouds can be too expensive for most small to medium enterprises that they start to negate the benefits.
Mobile Phishing Strategies
Phishing scams and attacks have been around ever since e-mail was first used commercially, back when the only way to check your e-mails was through a desktop PC. But now that mobile devices have started to overtake desktops when it comes to market reach, the cyber criminals have started targeting mobile users, and they have recently developed whole new strategies to accommodate the new platform – from phishing sms messages to misleading advertisements, and of course there’s also the traditional e-mail based phishing email. This is especially alarming considering that many enterprises these days encourage their workers to telecommute and extend their working environment to their smartphones and tablets. All it’s going to take for a cyber criminal to get access to an enterprise’s networks is one employee who didn’t know better.
Mobile-Oriented Attacks
If you’re following mainstream news, you’ll no doubt have seen numerous cases of celebrities and famous people having their personal information and data compromised because somebody managed to hack their phone. Now that we live in an interconnected world and that almost everybody has a smartphone, cyber criminals have realized that it is the smartphone that will serve as their gateway to just about anything they want – from people’s personal files to a huge company’s precious data, all it takes is just a single smartphone to be compromised. This is particularly dangerous now that majority of smartphones are running either iOS or Android. The standardized platform will no doubt make it easier for them to find a single vulnerability or exploit that will work on a wide variety of devices.
Last But Not the Least: Social Media Attacks
Ever since the rise of social networking as a new channel for socialization, marketing, and entertainment, there’s also been a rise in attacks. Some of them require technical skills – like the ability to code a Facebook app that can spread itself virally through fake news and like-baiting tactics – but the true danger to social media is that the increased emphasis on socialization means that it is very, very vulnerable to social engineering, which doesn’t require any technical skills in so much as it only depends on a person’s charm and ability to con people.
Tags: data security
September 3rd, 2014 at 6:32 am
[…] it relies on tried-and-tested systems and methodologies in order to provide solid security. However, IT security threats these days evolve on a rapid pace and new ones are being discovered or created …. Here are ten great examples of crazy IT security tricks that Prestige […]