Johannesburg, 15 Mar 2017
With 2017 well under way, we have to tread the path forward very carefully, as the staff at eScan have every reason to believe that there are more challenges to IT Security to come than ever before.
Some of the key cyber threats, which pose a higher risk are:
Ransomware
In 2016, as predicted we have seen the rise of ransomware attacks which grew by more than 300% within a year, costing billions. Many organisations/individuals have fallen prey to this infamous piece of malware and many of the victims have been forced to pay to get their valuable data back.
Security vendors have started collaborating with each other and the enforcement agencies in tackling this menace by providing a multitude of free decryption tools to various variants of ransomware. There have been concrete efforts which resulted not just in the take-down of ransomware networks but also led to arrests of the authors/creators of ransomware. With this collaboration in place, we expect 2017 to be the year of "War Against Ransomware" which is looming large.
Until recently, very few variants of ransomware used exploit-kits to propagate, however in the latter half of 2017, eScan predicts an upward trend in the usage of exploit-kits being used to deliver not just the ransomware, but info-stealers too and this will, according to the eScan Research team, be the top cyber threat for 2017.
Internet of things
In September 2016, the Mirai Botnet exploited IOT devices, like network cameras, DVRs and a few other IOT devices, to initiate a historically massive DDOS attack. IOT is growing more rapidly than anticipated and is now also ready to be part of the connected world. However, eScan has observed that the IOT developers did not take the cyber threat possibilities into consideration when creating it, thus making a huge potential bot network, which could cause unimaginable damages in terms of shutting down large scale public infrastructure.
IOT devices have been one of the targeted groups of devices by hackers to exploit the vulnerabilities at both individual as well as enterprise levels. eScan predicts a rise in attacks on Linux-based systems, or firmwares. In 2017, we can expect a major overhaul of our understanding of IOT devices and moreover, we should expect IOT vendors and organisations to take note of the potential cyber threats by IOT devices. We should consider IOT devices a huge security risk for 2017.
Online banking and wallets
Banking has been a fertile ground for cyber attackers due to the immediate financial gains it could provide. Online banking users have traditionally been targeted by skimmers, phishing, ransomware and info-stealing Trojans. Some have even been the victim of telephone scams and international missed call scams, while others were conned into divulging their card details and getting their entire savings wiped out.
Internet penetration in South Africa is at a rapidly growing 51.9% currently and South Africa presently ranks 24th in the comparative list of Internet user countries. eScan believes that it will be a herculean task to prepare 51.9% of South Africans for the threats that come with their connectivity.
However, individuals who abstain from using the Internet should not think themselves safe. Cyber criminals are continuously looking for new avenues in terms of mobile and unified payment options. This would be a great avenue for cyber criminals to exploit the unaware/uneducated mass of victims from this technology transition. Due to the sudden move of switching over to digital payment platforms, more than 85% of users are left wondering how to safely use this new payment option. We already saw sporadic incidents of digital wallets frauds in 2016.
This is one of the new emerging areas of concern, as the patterns are less known, but could be a high potential threat due to the financial gains it could provide to cyber criminals.
Concluding Notes
The security vendors are preparing by using the latest AI technologies to predict and protect before the attacks happens. However, a lot could materialise with the rapid adoption of technology by unaware users, the lack of a legal framework across borders, or the speed of investigation.
We predict that various nodal agencies and governments will come together in 2017 to form a worldwide council to create an equal platform for online users across the globe.
It is imperative that government bodies take IT security as one of the most urgent and immediate concerns to be addressed, by setting up easy-to-understand legal framework for users and robust security practices to be followed by organisations facilitating IT services, from payment gateways to telecom bodies.
Share