Cyber security risks have become a constant for big and small businesses, individuals and companies, the private and government sector alike. And let’s face it – the risks are high. The more you are involved in the scary world on online connecting and doing business, the more exposed you are to the threats that reside within the dark world that can sometimes be the World Wide Web. Moreover, we are often not even aware of the danger and how close we came to be a victim of all kinds of malware, let alone the damage malware can cause and how to defend from it. In that sense, we have prepared a short list of security risks that pack quite a punch, but were overlooked in 2018.
1) Software supply chain
There were numerous cases detected of cybercriminals gaining access to a targeted network through compromising the integrity of their software supplier – more in the last year than in the entire decade. By changing source code at a trusted company or using their update process to forcibly download malware onto targets, cybercriminals have found a sure-fire way in – If you can’t get past the defenses of your target, try getting past the defenses of one of their suppliers. The U.S. Department of Defense has rightly made supply chain risk analysis an increasing focus for their contractors and the same lesson applies broadly to corporate customers.
2) Small businesses
As cybercrime technology advances, the danger for the companies of all sizes increases. Moreover, small businesses appear to be at even greater risk, simply because they have less budget for cyber security purposes and more to lose in case of a breach than the big players. The amount of information stored with a company is irrelevant to the customer who left you with his personal information to safe keep. He won’t care that you only lost 100 email addresses and 50 bank credentials – if his are among them. And to you, those are 100 (+50) people who will never come back to do business with you – which may well be your entire roster of customers. And then what will you do? And what if your company is a subcontractor working for the Government or City Hall? This is precisely where the stakes have been upped significantly in 2018 as targeting one small business has proven to be a threat to the national security or city functioning.
3) Data manipulation
During the last year, it’s become more clear what hackers do with compromised data – most of them injure either the confidentiality or availability of data. That is to say, they are either spying on or disabling some system. But there is of course another option: attacks on integrity. If you found out your bank records were, even in some small way, remotely altered say… 18 months ago? How would that change your perception of the safety of keeping your money in the bank? What if 1% of the bottles of some over the counter medication had the formula altered to change efficacy, how would that affect your trust in the medical system? Subtle, data manipulation is hard to detect, harder to prove and leaves a lasting stigma of distrust and conspiracy even if caught. Already we see some criminal groups engaging in this sort of activity to modify gift cards and other forms of petty cyber larceny, which means that more sophisticated operations and nation-state challenges won’t be far behind.
4) Mobile targeting
In the United States, as important as mobile devices are, there still is a wide variety of ways of accessing digital content – smart speakers, tablets, even old-fashioned laptops and desktop computers. Furthermore, for much of the developing world, cell phones might be the only way of getting online – and a perfect opportunity for cyber criminals to infiltrate their targets, especially since not that much attention is paid on mobile cyber security. That is why cyber threat groups working for law enforcement and security services in southeast Asia, subsaharan Africa and Latin America are focused on developing exploits for mobile devices. As their cyber programs mature, in 2019 expect mobile security threats to come home to roost in Europe and the United States even if they are currently being deployed elsewhere.
5) AI as an offensive weapon
Many have been undecided about the impact Artificial Intelligence could have on employment, manners and nuclear warfare. However, few have realized that Artificial Intelligence, or at least the machine learning algorithms undergirding that research field, are likely already being deployed by cybercriminals. As with the business model of many Silicon Valley giants, the more data they aggregate the more connections and hence, more value, each additional stolen record will provide when correlated with all the others. No wonder there are now entire countries that have turned to large-scale theft of healthcare records, telecommunications backbone compromises and cloud hosting hacks.
If you are concerned with maintaining the proper level of cyber security in your company, Awontis can help you. We have over 275 clients who are more than satisfied with our services. On more than 1500 websites we actively monitor, nearly 55,000 security threats were successfully prevented using our solution. The websites under our protection are watched 24/7 for threats and updates, allowing the businesses they represent to thrive. Finally, the already compromised websites are fixed by being thoroughly cleaned of malicious content and protected from future threats.