Looking back over 2016, I think we can all agree that we don’t exactly remember it to be a year to shout about.
So what is there to look forward to?
Last year, Brexit became a reality, Trump took a shock victory, and we sadly said goodbye to one too many of our childhood idols. Sure, 2016 is going down in history, but not for the best of reasons. But hey, at least Apple released a splash proof phone, right?
So, as it’s the only time of year that we can get away with it, we’ve decided to embrace the cheesy one liners. Yep, here at Datastore365 we’re taking the New Year, New Me approach to things. It’s about looking forward on to new horizons… and onto new technologies and developments. So without further ado, here’s what to expect in Information Security in 2017 according to ESET.
1. Ransomware of Things (RoT)
Ransomware is happening. Targeting and abusing information systems to extort money is nearly as old as computing itself – and surprise surprise, this delightful form of malware made a huge comeback in 2016. And unfortunately, the number of ransomware attacks is set to increase this year too, so we’re placing it right up here as the number 1 cyber security trend to look out for in 2017.
As many of our daily possessions become digital, there is a risk of cross-pollination occurring – increasing the risk of cybercriminals attacking an additional connected device, only returning access to the rightful user once a hefty sum of money is handed over. This is known as Jackware. ESET explains:-
‘A victim’s eye view of jackware might look like this: on a cold and frosty morning I use the car app on my phone to remote start my car from the comfort of the kitchen, but the car does not start. Instead, I get a text on my phone telling me I need to hand over X amount of digital currency to re-enable my vehicle. Fortunately, and I stress this: jackware is, as far as I know, still theoretical. It is not yet “in the wild”.’
It’s our responsibility to prevent Jackware becoming reality. Without paying special attention to the security of our systems, we risk handing the keys over to cybercriminals who are out to get as much as they can. To combat this, it’s important to consider your operation as a whole. This means understanding the importance of protecting each mobile device, tablet, mobile phone and laptop – and ensuring each user has the necessary training to avoid becoming a threat to your organisation. Traditional security techniques, like filtering, online backup, encrypting, and authenticating are recognised and proven methods of preventing ransomware from having detrimental effects on your business – so what steps will you take to prevent a ransomware attack on your business in 2017?
2. Security Education and Social Responsibility
‘For some it occurs out of naivety and ignorance, for others out of simple curiosity, wanting to see what will happen. “You are visitor number 1,000,000!”, “You won the lottery!”, “You have been selected for a dream holiday trip!”, etc. …. These are just a few examples of the bait offered. But why, as computer threats have continued to evolve to the level of sophistication we now see in terms of targeted attacks, cyber warfare and APTs, have these types of scams remained so successful?’
When we take a look at the problem – it’s seems there is a very simple but effective solution that may help in the future. Yes, naivity and curiosity, (and plain foolishness) isn’t going to go anywhere – but by educating the end user on current threats, how they spread, and how they can be avoided, we can help to lower cyber crime rates going forward.
We often forget that cyber security is the responsibility of everyone – not just those working in IT – and it’s often those who work outside of an IT department that unfortunately end up clicking on bait, may it be an email attachment disguised as a CV or an invoice, it’s these simple mistakes that can be easily avoided if education is implemented.
3. Healthcare Challenges
The healthcare industry hasn’t had a great time as of late. And we’re not talking about cuts to the NHS!
The threat to the healthcare industry is very real, and despite being a crucial backbone to society, often becomes an easy target for cyber criminals. This may be due to the very nature of the industry and the great volume of sensitive data that is managed around the clock, or perhaps due to the lack of cyber security understanding which encompasses the overall improper implementation of security, which is inconsistent, flawed and insecure.
Our advice to those operating in the healthcare industry is simple – thoroughly assess the risks, implement secure, automated and REGULAR backups of company data, and take the time to educate your team on understanding of the vulnerabilities in-house equipment, use of email and overall cyber security.
It’s time to start the year off right…
We hope this article has encouraged you to think about your business goals for the year, and how easily a cyber attack can occur. We know it can be hard to stick to new years resolutions, (we say as we tuck into a box of mint match makers as we write this – 3 weeks after promising to give up chocolate)…
But, if you are going to stick to one goal this year, please promise us that it will be to think twice about the security of your critical data. Get in touch with a cloud specialist to find out how we can help.