In January, we took a look at some of the cyber security trends we thought would dominate the upcoming year. And guess what? They’re happening. Attacks within the Internet of Things (IoT), ransomware threatening businesses across sectors, and Hollywood popularizing hacking culture are emerging trends in the first six months of 2017. A familiar cyberattack is back, too – with a twist. Here’s a look at the current landscape, plus a few things we expect to see in the second half of the year.
The IoT is a Valuable Tool for Hackers
Smart devices are everywhere and they’re only getting smarter. What a perfect playground for cyber criminals interested in leveraging everyday products to steal data. In just the past year, a botnet targeted more than 122,000 IP cameras with DDoS attacks; cyber criminals went after baby monitors for lucrative medical data; and attacks on routers essentially shut down the Internet for a day.
Looking ahead: These attacks won’t slow down. Many IoT devices come with basic passwords, such as “admin” or “password.” Until users make it a habit to update their devices with more secure authentication, the IoT will be an inviting target.
Ransomware in the Healthcare Industry
We predicted that the healthcare industry would be an attractive target for cyber criminals in 2017 because of the value of extremely sensitive personal information.
In just the first half of this year, 151 healthcare breaches have compromised more than 1.9 million records. Last month’s WannaCry ransomware attack also struck the healthcare sector, affecting major organizations. The attack went beyond the healthcare industry, also hitting at least 300,000 systems in 150 countries.
Looking ahead: The WannaCry attack won’t be the last of its kind. Human error is still the main cause for most data breaches. Expect hackers to go after unprotected systems. Ransomware attacks will continue, particularly for industries like healthcare that have generally been slow to adopt the latest in technology and security updates.
Hackers Enter Into Pop Culture
Shows like Mr. Robot, Halt and Catch Fire, and The IT Crowd brought hacking to the mainstream. These shows offer peeks inside the world of cyber security and hacker accessibility. Ironically, hackers are now targeting production companies, too.
In April, a hacker released the new season of Orange is the New Black when the company didn’t meet its ransom requests. A month later, hackers also targeted Disney over the upcoming Pirates of the Caribbean film, threatening to release the movie early. Some attackers crave the limelight and hope that going after popular celebrities or brands will bring them their 15 minutes of fame.
Looking ahead: As portrayals of cyber criminals become more prevalent in media, we’ll see an increase in these “bright lights” attacks. Celebrities, public figures, and organizations in the public sphere must keep security a top priority and have a plan in place to respond to a potential threat.
Phishing Attacks – Don’t Get Caught in the Creativity
So far, 2017 has shown us that phishing attacks have advanced from their simplistic beginnings of poorly worded emails. According to Wombat Security’s 2017 State of the Phish Report, 61 percent of IT security professionals polled said their organization has been the victim of a phishing attack.
Cyber criminals are capitalizing on increased travel during the summer months by sending bogus flight itineraries, or offering deals on hotels and flights. These appear to be legitimate messages from a travel company or airline, but when clicked they install malware on the user’s computer.
While phishing attacks are getting more creative, they’re still avoidable. Words are sometimes misspelled within communications and the email address may be unrecognizable – a repeated string of the same letter. In the case of travel-related phishing scams, only book with trusted websites with a strong reputation. Though it’s tempting to click on a deal that sounds too good to be true, resist that urge and call the travel website or airline to confirm.
Looking ahead: Collaborative office tools will continue to be targeted – keep an eye on inter-office messaging apps and time-organization tools.
This has been a busy year for the cyber security industry. We’ll continue monitoring these trends and dissect new developments as they unfold. Staying informed and educated will be key to remaining a step ahead of emerging threats.