Today: June 25, 2017, 2:18 pm
Computer & Technology

Cybersecurity needs to be on every organization’s agenda for 2017

A comment article by Matthew Gardiner, Senior Product Marketing Manager of Mimecast 2016-12-29 05:57:32
There's no reason to believe that 2017 will be any better for cybersecurity than it was in 2016. If anything 2017 will be even worse as cybercriminals continue to leverage social engineering and phishing techniques to find new vulnerabilities to exploit, develop new ways to monetize their activities and get through corporate defenses and target individuals. In 2017, cybersecurity battles favor criminals even more as vulnerable Internet of Things (IoT) devices will continue to expand the possible platforms of attack. Gartner estimates that by 2020 more than 25% of attacks in enterprises will involve IoT devices.

This past year, we saw cybercriminals becoming more sophisticated, threats becoming more advanced and cyberattacks causing more damage to organizations.

So as we approach 2017, let me share a few cybersecurity predictions which we, at Mimecast, see becoming even larger issues as we enter the New Year:

Ransomware becomes more regular and sophisticated

Ransomware will become one of the biggest threats that organizations will need to address, fuelled by an increasing multitude of attackers using off-the-shelf kits and leveraging a vast network of cybercrime service providers to run their ransomware campaigns. Ransomware represents an easy, cheap, and low risk attack method that produces significant profits for the attackers. In addition few organizations have effective defences against ransomware and now with Bitcoins and other anonymous payment systems enabling the perpetrators to get paid more easily, without being traced, it has never been so easy to make a good living off of ransomware.

Impersonation attacks in the spotlight

The media in 2016 have been very focused on ransomware attacks. However, one of the lesser publicized problems (but by some measures is larger in terms of its negative impact to organizations) are email impersonation attacks. Sometimes called whaling or CEO fraud attacks, these attacks can cost organizations hundreds of thousands in financial losses. In fact, according to the FBI, impersonation attacks led to more than $3 billion in losses over the last three years. We expect to see these attacks, because of the associated fraud and loss that they cause, as the next “it” attack flooding the media. There is nothing cheaper, easier, and less risky for attackers to do than just send well-crafted and timely emails which creatively requests for money to be sent to them. The attackers don’t even need to use malware for this, they just need to be clever with their social engineering

Macro malware still in the game

Once thought of as a thing of the past, macro malware which often hides in Word or Excel files, has reentered into the ring of popular attack methods. While most organizations choose to block executable email attachments at their security gateways by default, they generally still allow potential work-related files, such Microsoft Office documents, to pass freely. Attackers exploit this by weaponizing files in these common Office formats. According to Mimecast research, 50 percent of firms have seen email attacks that use attached macros increase over the last year. Why? It works well and can get through traditional AV-based defenses. And that’s why we’ll continue to see waves of macro malware into next year and beyond.

Reigning-in data residency and governance

Increased state-sponsored attacks will lead to more stringent requirements around data residency and governance, as well as increased focus on national-level firewalls to mitigate threats but allow regional business activity to continue uninterrupted. Advancements in managing internet traffic from different geographies may also become a focus as the global trade landscape changes. Unfortunately this comes with the risk of ‘balkanizing’ the Internet and restraining the free exchange of information.

Focus on data mining

One theme that is still overlooked, but should come into greater focus in 2017, is that cybercrime is not just about wire transfers and immediate and direct monetization of stolen information. Attackers are increasingly focused on data mining and will use the data they gather in more advanced future attacks, or sell it on the Dark Web for others to do the same. While more direct attacks such as email impersonation and wire transfer fraud is, and will continue be an issue in the future, organizations need to also think about where else they’re susceptible and ensure they have the appropriate protective measures in place against these longer tail attacks. Organizations need to determine which data of theirs could possibly be used to attack them or other organizations at a later time, and then take increased measures to secure it.

Cyber espionage to cause more political disruption

Nation states and their sponsored operatives will increasingly use cyber espionage to cause political shifts, disruption of adversaries, and to gain economic advantage in particular strategic areas. This will involve, but will not be limited to, email-based hacking and the disclosure of other forms of private communications, and the disruption of and interference with critical national infrastructures.

Employee education and taking adequate measures to protect organizations from cyberattacks will continue to be of high importance during the course of 2017 as cybercriminal continue to target the weakest link in an organization’s security: its employees.

Press Information
Conrad Offices, 19th Floor

Sheikh Zayed Road, Dubai

Sharon Divan

# 846 Words
Related Articles
More From The Author
Digital Shadows Report Reveals that the Mirai [..]
Dubai, UAE, December 26, 2016: Digital Shadows, a provider of cyber situational awareness, released its new report Mirai and [..]
Cyber security current and emerging trends for [..]
2016 saw a huge number and variety of cyberattacks, ranging from a high-profile DDoS using hijacked Internet-facing security cameras [..]
Bulwark Signs Distribution Agreement With Mimecast
Dubai, UAE, December 18, 2016: Bulwark, the UAE based and specialized Value-Added Distributor, announced that they have signed [..]
Top 12 Tips for staying safe online [..]
As the popularity of online shopping increases in Kuwait, so does the likelihood of falling foul of cybercrooks, not necessarily [..]
Cybersecurity/Cyber threats: 2017 the year of...
As we approach the year-end attention of course turns to what we can expect to see in 2017 and what [..]
More From Computer & Technology
Suprema to Premiere the BioEntry P2 at [..]
SEOUL, KOREA, June 19, 2017 - (ACN Newswire) - Suprema, Inc., a leading, global provider of biometrics and security solutions, [..]
Suprema to Unveil Biometric Intelligent Access Controller [..]
SEOUL, KOREA, June 16, 2017 - (ACN Newswire) - Suprema, a global leader in biometrics and security technology, announced that [..]
Cochin Web Host Launches New SSD Web [..]
The latest news for the no.1 company for web hosting India, Cochin Web Host, is the launch of premium SSD [..]
Give your Start-up a Digital Head-Start with [..]
A recent study suggested that mobile applications account for 89% of mobile media time. Furthermore, 80% of internet users around [..]
Co-founder of Sardina Systems wins UK DATA [..]
Tallinn, Estonia, 25 May 2017 – Sardina Systems has been announced that co-founder Dr. Kenneth Tan was rewarded with the [..]

Disclaimer: If you have any questions regarding information in this press release please contact the company added in the press release. Please do not contact pr-inside. We will not be able to assist you. PR-inside disclaims the content included in this release.