The Biggest IT Security Threats in 2017

Security
27
Jun 2017

download

With the ever increasing rise in cyber security attacks, PC users are becoming more vigilant. However, do they know what they should be wary of in 2017?

The IT security landscape is constantly changing, so what may be considered a contemporary threat one year, may soon fall into obscurity as defenses improve. However, certain security threats seem to be becoming more and more prevalent. Therefore, it’s make sense to acquaint yourself with the most likely attacks you’re going to experience in the near future.

And, as luck would have it, I’ve decided to take a quick look at the biggest IT security threats coming in 2017.

Rise in Ransomwareransomware-expert-tips-featured

Ransomware made big headlines in 2016, but far from being swiftly dealt with, it’s expected that ransomware attacks are going to rise in 2017. With the source code for ransomware software becoming readily available online, it’s encouraged hackers to become competitive and improve on each other’s brand of ransomware. When this is coupled with the relative ease that ransomware can generate revenue for the hacker, it’s no surprise that more and more attacks are on their way.

Big Data Causes More Risk

Big Data is causing huge ripples throughout the business community as it’s an approach which is focusing IT efforts on analyzing large sets of data to improve operations. However, as big data is so new, the business community doesn’t yet know how to marshal it efficiently.

With such huge data sets being openly shared between departments and businesses, the security of this data is being severely compromised. This presents a severe problem if security is breached due to the large amount of data at risk. Big Data needs to be correctly controlled and access restricted otherwise it will be in the headlines for all the wrong reasons.

Business Email Compromise (BEC) Scams

BEC scams hit businesses all over the world last year and some high profile names fell victim to this straightforward scam. By sending emails purporting to be from company CEOs, hackers have been able to con employees in to sending out either sensitive information or, in extreme cases, transfer bank funds. And, with pay outs from BEC scams reaching as high as $140,000, hackers are going to maximize their efforts on this simple and easy attack this year.

Internal Threats to Increase

insider-threats

Hackers are well aware that IT security teams are gradually getting better at blocking their attempts to infiltrate their defenses, so that’s why the hackers are turning to those on the inside. Sometimes this literally means teaming up with an employee on the inside to facilitate the theft of data. However, this inside threat can sometimes be the result of blackmail following the hacking of an employee’s social media account and the threat of revealing personal information. This is a difficult form of hacking to combat, but reinforces the need of good employee education on IT security in and out of the workplace.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

USB Drives: Simple, But Deadly Hacking Devices

hardware,
26
Jun 2017

bad_USBWe’re all used to using USB devices with our PCs for easy connections, but it’s this convenience which also makes them perfect for hacking.

The hacks that grab the headlines are those that are distributed online and through email due to the huge numbers of people these can attack; USB sticks – and, in fact, any USB devices – are limited in their range due to their physical existence, but this doesn’t mean they can’t cause huge problems in localised areas. And hacks involving USB devices can completely disable your PC, so this can have a huge impact on the ability of your business to operate.

Therefore, we’ve decided it’s a good opportunity to give you a quick lesson on the USB hacks that can affect you and how you can counter this everyday threat.

The World of USB Device Hacks

destroy-or-hack-computers-with-USB-pendrive

Due to the presence of autorun software loaded on to USB sticks, all a hacker needs to do is ensure that their infected USB stick is plugged into a PC to activate it’s malicious payload.  Sometimes, though, USB devices don’t even need to be plugged into the PC, so this is why they’re particularly tricky to identify and combat. Here are some of the most common hacks contained within USB devices:

  • USBdriveby – This USB stick is easily identified by the chain attached to it (apparently this is so the user can wear it round their neck!) and contains a particularly nasty surprise inside. Once plugged into a PC, it begins to imitate your keyboard and uses keystrokes to disable firewalls, opens backdoors to allow remote control and tells network monitoring apps that everything is okay.
  • KeySweeper – Disguised as a USB wall charger, the KeySweeper hack is a very well concealed device which uses wireless connections to identify and spy on local Microsoft wireless keyboards. And, by monitoring keystrokes, KeySweeper can quickly obtain login details and transmit these back to a remote location.
  • BadUSB – Another USB stick hack, BadUSB impersonates your keyboard to allow itself to reprogram firmware associated with your existing USB devices e.g. network cards can be reprogrammed to send users to sites containing malicious software which can soon infect your entire network.

All of these hacks are very simple, but can cause a lot of damage, so how do you combat them?

Combatting USB Hacks

rubber_ducky

Thankfully, when it comes to USB hacks, there are some very simple steps you can take to combat them:

  • Educate your users on the dangers of USB devices. Some hackers have been known to drop infected USB sticks in the car parks of large corporations in the hope that a curious employee will plug them into their work PC.
  • Never ever use pre-owned USB devices in your business, always purchase new devices which can’t have been tampered with.
  • Lock USB port use on the PCs that make up your business and only allow access to trusted administrators. This is perhaps the most guaranteed way to prevent any infected USB devices activating their contents as the USB ports will essentially be disabled and unable to do anything.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More