2015 was another big year for security and cyber attacks, and almost every American was affected in some way. Donald Trump’s hotel chain was hacked, hitting thousands of hotel visitors, an Experian breach hit 15 million T-Mobile customers, details on 4.6 million Scottrade customers were stolen, and 37 million messy affairs became messier when Ashley Madison’s user account information was exposed.
These are just 4 of 18 major company hacks listed in an article by ZDnet for 2015. Cyber threats continue to be on the rise, and no industry is safe from them. The U.S. government has budgeted $14 billion for cybersecurity for fiscal year 2016. It is a serious issue.
These cyber attacks are expected to continue into 2016 and companies that will be victimized are likely those who have not yet stepped up their security game. To be proactive, here’s what you need to know and watch out for during 2016 when it comes to cyber threats:
Cloud computing allows vast amounts of data to be stored without taking up physical space. U.S. businesses are increasingly relying this system to maintain sensitive information. These centrally hosted software and cloud-based business application services revenue is expected to grow to $33 billion in 2016, as compared to $14 billion in 2011. This will potentially make hackers targeting cloud computing one of the biggest threats of 2016. Hackers have no need to overcome physical security when they could simply target the cloud system full of sensitive information.
Security experts are concerned that U.S. infrastructure will become the next major target of cybercriminals. Hackers will be making attacks against critical infrastructures such as utilities, telecommunications and logistics. Experts are recommending that very country audit their critical infrastructure in order of importance – with the most important and vulnerable being the power and energy sector.
According to the mobile security firm NowSecure, 43 percent of bring your own device (BYOD) smartphones used by U.S. workers do not have a password, a personal identification number or pattern lock. Fifty percent use these devices have been used to connect to unsecured Wi-Fi at least once a month, and almost half of mobile apps on any given mobile device have at least one major security flaw.
As mobile platforms are becoming the access point of choice for the enterprise, the issue of mobile device security and BYOD needs to become a top priority.
EMV Chip cards
On October 1, 2015, U.S. credit card issuers began issuing EMV (Europay, MasterCard and Visa) compliant cards, which store data on an integrated circuit instead of a magnetic strip. Maybe your card has already been switched over to the chip. While this change is intended to reduce certain types of fraud, it will simply give cybercriminals a new avenue of attack—card-not-present technology. As the good guys up their security game and create new systems to prevent attacks, cyber criminals adjust their strategies and come up with new methods for attacking.
Cybersecurity experts believe that phishing attacks are as prevalent a form of cybercrime as any other, and it will be a large threat in the coming year. The Global Phishing Survey of the Anti-Phishing Working Group (APWG) found that in the last six months of 2014 alone, there were approximately 124,000 unique phishing attacks worldwide, which occurred on more than 95,000 unique domain names.
A phishing attack typically involves sending an email to a victim that looks to the untrained eye as if it comes from a legitimate contact or company. The email will ask the victim to verify personal information through a link to a fraudulent Web page, and once provided, the criminal can access the victim’s personal information. Even companies that work to reduce cyber threats are not immune to receiving them.
Cyber threats are on the rise and new methods of attack seem to arise daily. The good news is that companies and individuals are continually working to become more educated and trained to prevent these attacks. As the new year approaches, be cautious of these 5 cyber threats that could potentially be targeting your organization and teach others about the implications of these threats.