Enterprise cybersecurity is a classic “Red Queen Race.” Not only must a business adopt measures to counteract the current strategies of hackers in a timely manner, they must also regularly employ new countermeasures to proactively intercept the newest attempts by these ever-changing opponents. It is the only formula for success. With that thought in mind, here are some enterprise cyber threats to expect in the upcoming year:
- Machine to machine attacks – By 2020, the folks at Gartner estimate that there will be 2-3 devices connected for every person on the planet. That is over 20 billions devices – many of them with little or no real security. The newest generations of hackers recognize this fact and are already developing malware to take advantage of the fact. Be prepared for a technological onslaught like no other in history.
- Headless worms – On the lack of preparedness front, most cybersecurity professionals are most concerned with the lack of security on so-called “headless” devices such as smartphones, smartwatches and medical hardware. These devices are fairly sophisticated but most of their computing capability is aimed at functionality – not security. Add that to the fact that they usually communicate with multiple other devices in a day and a single one can easily start the viral propagation of a worm or other malware.
- Cloud-based jailbreaking – The “cloud” is here to stay and so are the virtual machines that aim to penetrate their cybersecurity defenses. Malware is already being specifically built to crack the most robust of cloud-based systems. Again, mobile apps will provide the most fruitful avenue for hackers to access public and private clouds.
- Ghostware – In the aforementioned Red Queen Race, cybersecurity experts – and law enforcement agencies – will multiply their forensic investigation capabilities while hackers will adapt to evade detection. Most notably, the latter will endeavor to create software that penetrates a system, downloads its data and then covers its own tracks. So called “ghostware” can pose a particularly difficult problem for companies – and their cybersecurity experts – to deal with as they may not even know what hit them until it is too late.
- Two-faced malware – These days, the latest releases of current software are tested as to their performance and security in a safe – read that as isolated – environment where there capabilities can be evaluated before being distributed for wider use. Hackers in turn are creating two-faced malware that looks benign under surveillance but eventually morphs into malicious code after a specified period of time.
- Social engineering – Hackers of every stripe are also resorting to less technologically oriented attacks. Through the use of fraudulent emails, bogus phone calls and access via physical vulnerabilities, phishers seek to ascertain proprietary information that will gain them online access to public and commercial databases – even if they are cloud-based.
- Insider threats – Similarly, bribery, blackmail and social pressure are increasingly being used by hackers to force employees to compromise the security of their company’s enterprise. For example, even the CIA and NSA could not stop Edward Snowden from leaking classified information and Chelsea Manning released classified information that he knew could result in the death penalty.
For more information on these and other more advanced threats to your enterprise cybersecurity, please contact us here.