by: Thomas Kwon, Commercial Operations
THE THREAT
Since 2018 there were 80,000 cyber attacks per day and or over 30 million attacks per year. Ransomware attacks are growing more than 350% annually. IoT attacks were up 600% since 2017. 61% of breach victims in 2017 were businesses with under 1,000 employees.
In general, the real issue with Cybersecurity is “Threat Hunting” and proactive/active defense against adversaries. All experts agree that we are fighting at our one yard line and we need to bring the fight out of our zones. Below are the top 10 cybersecurity concerns.
1. RANSOMWARE ATTACKS
Ransomware attacks have become popular in the last few years and pose one of the most prominent Cyber Security challenges in 2021. According to the Cyber Security firm Sophos, about 82% of organizations were hit by ransomware in the last six months. Ransomware attacks involve hacking into users’ data and preventing them from accessing it until a ransom amount is paid. Ransomware attacks are critical for individual users but more so for businesses who can’t access the data for running their daily operations.
2. IOT – FIRMWARE ATTACKS
According to IoT Analytics, there will be about 11.6 billion IoT devices by 2021. IoT devices are computing, digital, and mechanical devices that can autonomously transmit data over a network. Examples of IoT devices include desktops, laptops, mobile phones, smart watches, smart security devices, etc. As the adoption of IoT devices is increasing, so are the challenges of Cyber Security. Attacking IoT devices can result in the compromise of sensitive user data. Safeguarding IoT devices is one of the biggest challenges in Cyber Security. Gaining access to these devices can open the doors for other malicious attacks.
3. CLOUD ATTACKS
Cloud Services is prevalent for personal and professional needs and hacking cloud-platforms to steal user data is one of the challenges in Cyber Security for businesses. You may be aware of the infamous iCloud hack, which exposed private photos of celebrities. When such an attack is carried out on enterprise data, it could pose a massive threat to the organization and maybe even lead to its collapse.
4. PHISHING ATTACKS
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. Hackers use it for their own advantages, such as online shopping and illegal money transfer. Phishing attacks are prevalent among hackers as they can exploit the user’s data until the user finds out about it.
5. BLOCKCHAIN AND CRYPTOCURRENCY ATTACKS
Last week’s $100MM heist from Japan’s Crypto exchange, Liquid and the prior week’s heist of $600MM from Poly Networks raised awareness about the vulnerabilities in the CyberCrypto markets. Attacks on these frameworks pose considerable challenges in Cyber Security for businesses as it can compromise the customer data and business operations. These technologies have surpassed their infancy stage but have yet not reached an advanced secure stage. Thus, several attacks have been attacks, such as DDOS, Sybil, and Eclipse, to name a few. Organizations need to be aware of the security challenges that accompany these technologies and ensure that no gap is left open for intruders to invade and exploit. Chain analysis and the security of hot and cold wallets will be a challenge moving forward.
6. SOFTWARE VULNERABILITIES
Vulnerability assessment and safeguarding is almost a thing of the past. This is where most organizations focus but, it’s safe to say, if a Hacker wanted to breach, it’s already done so. Even the most advanced software has some vulnerability that might pose significant challenges to Cyber Security, given that the adoption of digital devices now is more than ever before. Updating your device’s software with the latest version should be a top priority. Attacks on unpatched software versions are one of the major challenges of Cyber Security. These attacks are usually carried out on a large number of individuals, like the Windows zero-day attacks.
7. MACHINE LEARNING AND AI ATTACKS
While Machine Learning and Artificial Intelligence technologies have proven highly beneficial for massive development in various sectors, it has its vulnerabilities as well. These technologies can be exploited by unlawful individuals to carry out cyberattacks and pose threats to businesses. These technologies can be used to identify high-value targets among a large dataset. An advanced attack might prove to be too difficult to handle due to the lack of Incident Response and ability to match attacks in scale.
8. BYOD (BRING YOUR OWN DEVICE) POLICIES
Most organizations have a Bring-Your-Own-Device policy for their employees. Having such systems poses multiple challenges in Cyber Security. If the device is running an outdated or pirated version of the software, it is already an excellent medium for hackers to access. Since the method is being used for personal and professional reasons, hackers can easily access confidential business data. Secondly, these devices make it easier to access your private network if their security is compromised.
9. INSIDER ATTACKS
While most challenges of Cyber Security are external for businesses, there can be instances of an inside job. Employees with malicious intent can leak or export confidential data to competitors or other individuals. This can lead to huge financial and reputational losses for the business. These challenges of Computer Security can be negated by monitoring the data and the inbound and outbound network traffic.
10. OUTDATED HARDWARE-FIRMWARE
This is an enterprise issue and includes IoT and firmware, i.e., below the OS. Not many companies are addressing this. Trapezoid is an Outpost Cybersecurity company and leaders in firmware detection and incidental response. Not all challenges of Cyber Security come in the form of software attacks. With software developers realizing the risk of software vulnerabilities, they offer a periodic update. We can lean hard and heavy on this topic as it will become “top of mind” across all enterprises. Reason being, Intel and Microsoft have both come out and admitted on vulnerabilities.
