Cyber security trends in 2017
2016 saw a large and diverse number of cyber attacks, ranging from high-profile
denial-of-service attacks launched through compromised networked security
cameras to the alleged hacking of party officials during the American election.
It also saw a rising wave of data breaches at organizations large and small,
and large losses of people's personal data.
As the year draws to a close, Sophos looks at the impact these trends may have
in 2017.
Current trends and projected attacks
An increase in destructive denial-of-service attacks:
In 2016, the "Mirai" attacks showed the enormous destructive power of
denial-of-service attacks that make use of insecure Internet of Things devices.
The "Mirai" attacks exploited only a small number of devices and
vulnerabilities, using basic password-guessing techniques. However,
cybercriminals will find it easy to expand the scope of such attacks, given
that many Internet of Things devices run old code based on poorly maintained
software and operating systems with well-known security flaws. Expect more
exploitation of Internet of Things technologies, improved password-guessing
techniques, and more compromised Internet of Things devices being used in
denial-of-service attacks and possibly to target other devices in the network.
The shift from exploitation to targeted social attacks:
Cybercriminals prefer to exploit the weaknesses and gaps in humans.
Attacks have evolved and become targeted, seeking to trick users and push
them into compromising themselves. For example, a common e-mail message
targets a specific user and tries to convince him that he has won a large sum
of money; to collect it, he must follow a link and enter his data, and is then
redirected to another link that contains malicious software, so that a single
click exposes him to compromise. Attacks of this kind are no longer effective:
they are no longer difficult to identify, and falling for one is regarded as
a mistake.
The infrastructure of the financial sector is in great danger:
The use of targeted phishing continues to grow. These attacks use detailed
information about corporate executives to deceive employees into paying
fraudsters or leaking data. More attacks are also expected on important
financial-sector infrastructure, such as the attacks on institutions connected
to the "Swift" network, which cost the Central Bank of Bangladesh $81 million
in February. Swift recently acknowledged the existence of other attacks of the
same kind and expects to see more; a leaked letter to its customer banks
includes the following: "an ongoing threat, adaptable and sophisticated - and
is designed to last."
Exploitation of the Internet's inherently insecure infrastructure:
All Internet users rely on old, traditional protocols that are almost
impossible to repair or replace.
These ancient protocols, which have long been the backbone of the Internet
and of business networks, are prone to failing at any time. For example,
attacks against the Border Gateway Protocol (BGP) could disable a large
portion of the Internet.
This is what happened in the denial-of-service attack on "Dyn" last October
(which was launched by a myriad of Internet of Things devices): it brought
Internet services to a halt, along with access to parts of the network.
This was one of the biggest attacks on record, and its perpetrators said it
was just the beginning and nothing more. Large Internet service providers and
companies can take some steps to respond, but these may fail to prevent
serious damage if individuals or nations decide to exploit the Internet's
deepest security holes.
Increasing complexity of attacks:
Attacks increasingly combine many technical and social elements, and reflect
careful, lengthy probing of the victim enterprise's network.
The attackers compromise many servers and workstations before proceeding
to steal data or to act aggressively. Experts have confirmed that these
attacks are strategic, not tactical, and can cause much more damage.
In short, it is a world very different from that of automated malware.
More attacks using built-in tools and programming languages:
Compromises that exploit "PowerShell", Microsoft's language for automating
administrative tasks, are expected to increase. Attacks are also expected to
intensify that use administrative tools already present on the network, which
do not have to be smuggled into the network and do not arouse suspicion.
These powerful tools therefore need tight controls to protect them better.
The evolution of ransomware:
Now that many users know the risks of a ransomware attack via e-mail,
criminals are exploring other means.
Some resort to malware that strikes again later, long after the ransom has
been paid, and some resort to built-in tools rather than executable malware,
to avoid detection by endpoint protection that focuses on executable files.
Recent examples offer to decrypt the victim's files after the victim shares
the ransomware with two friends and those friends pay the ransom to decrypt
their own files. Ransomware developers have also begun to use techniques
other than encryption, for example deleting or corrupting file headers.
Finally, with old versions of ransomware still circulating on the Internet,
users may fall victim to attacks that cannot be remedied, because the payment
sites no longer work.
Attacks on household Internet of Things devices:
Users of household Internet of Things devices may not notice, or even care,
that their child-monitoring cameras have been compromised when the goal is
to attack another person or site. But once attackers break into a device
connected to a home network, they have a chance to compromise other devices,
such as laptops that contain sensitive personal data. Attacks of this kind
are expected to increase, as are attacks that compromise cameras and
microphones for the purpose of spying on the family.
Online criminals always find a way to profit.
The spread of malicious advertising and the corruption of online advertising
systems:
Spreading malware through ad networks and web pages has been common for years.
But in 2016 the scope of these attacks widened significantly.
The attacks have caused significant problems in all parts of the advertising
system, such as click fraud, which generates many clicks on links that do not
reflect the interests of the user.
The primary purpose of these attacks is to compromise users and steal from
advertisers at the same time.
The downside of encryption:
As encryption spreads and becomes commonplace, the task of security software
has become much harder, because it loses sight of data traffic. This makes it
easier for cybercriminals to infiltrate the network without revealing their
identity, so it is no surprise that cybercriminals are using encryption in
new and innovative ways. Security software therefore needs tight integration
between its capabilities, so that it can identify security events after
decryption on the endpoints.
Focus on compromising virtualized systems and cloud computing:
Growing attacks against physical hardware have increased the risk of attacks
on cloud computing and virtualized systems.
Attackers could exploit the host, or any of the other users sharing the host,
attack privilege models, and gain access to the data of others. As the entire
container, or "serverless", ecosystem becomes more popular, attackers will
increase their efforts to discover and exploit gaps in this relatively new
trend in computing.
Further attempts to put these kinds of attacks into practice are expected.
Technical attacks against states and societies:
Politically motivated cyber attacks continue to increase.
Societies face growing risks from both misinformation (for example, "fake
news") and the compromise of voting systems. For example, researchers have
demonstrated attacks that could allow a local voter to vote fraudulently and
repeatedly without being discovered. Even if states do not take part in
attacks against their opponents' elections, the mere belief that such attacks
are possible is a powerful weapon.
Tips for institutions to protect against the risk of emerging threats
Unfortunately, many organizations still lack the basics of security, so here
are six measures that organizations should follow to help protect against
the risk of complex threats.
The transition from layered protection to integrated security:
Many organizations now have multiple solutions, each of which was the best of
its kind but which are now very expensive and difficult to manage.
They should therefore move to integrated solutions, in which all the
components communicate and work together to eliminate threats. For example,
if malware infects an endpoint and disables its protection software, network
security should place the device in quarantine, reducing the risk to the
whole environment.
Adoption of next-generation endpoint protection:
With the spread of ransomware and the growing diversity of endpoints,
organizations must refocus on protecting endpoints. But signature-based
solutions are no longer sufficient on their own and do not provide full
protection from attacks. Choose solutions that detect and prevent the
behaviors and techniques used in almost every compromise.
Prioritize risks:
No organization has the resources to guarantee comprehensive protection, and
preventing 100% of threats is no longer realistic. The risks associated with
each system must therefore be clarified, and efforts focused accordingly.
Risks change rapidly, so look for tools that are dynamic and respond quickly,
and make sure those tools are easy and practical enough to be used.
Automate the basics:
Time should not be wasted preparing the same reports and performing the same
security tasks the organization has always performed.
Automate everything that can be done simply and easily, so that scarce
resources can be focused on confronting serious risks and on high-value tasks.
Build staff and processes to deter and mitigate social attacks:
Because social attacks are now at the forefront, informing and educating
users and involving them in prevention has become more important than ever.
Education should focus on every possible combination of threats.
Be sure to keep it up to date: old guidance on topics such as sexual
exploitation and phishing can backfire and provide a false sense of security.
Improve coordination among defenders:
Cybercrime is organized crime, and therefore defense must be organized, too.
This means choosing tools and processes that remove barriers within the
organization, so that everyone can respond to the same attack.
It may also mean looking for legal and practical ways to cooperate with other
companies or with the government, in order to mitigate large-scale attacks
and learn from the experiences of others.