3 cybersecurity threats to watch out for in 2016
As more and more people go online and access new applications and technology, the world’s population becomes more vulnerable to security threats and cyber attacks.
Around four billion people or 50 billion devices are expected to connect to the internet by 2020, according to a statement released by CommunicAsia2016 Summit on Friday.
Pierre Noel, chief security officer and advisor of Microsoft Asia and one of the speakers at the upcoming CommunicAsia2016, said there are at least three new threats to keep an eye on this year.
1. Mobile Malware
Malware or hostile and intrusive software may soon invade mobile devices, which are now being used more often to connect to the internet. Noel said the world will see cybercriminals targeting mobile devices by infiltrating operating systems and releasing malware-infected applications.
Hacking into mobile devices will especially be attractive to cybercriminals as mobile payment systems become popular.
He said this will especially affect China, which has the most number of mobile users. Cited in the statement is a joint study by the Tsinghua University, Microsoft Research and China’s Ministry of Science and Technology, which found out that only a quarter of applications in China’s app stores are free from malware.
READ: Chinese national admits hacking US defense firms
2. Online extortion and ‘hacktivism’
More sophisticated ways of stealing information and taking control of devices connected to the internet are now being discovered by online extortionists and “hacktivists,” according to TrendMicro. One program so-called ransomware may increasingly be used by hacktivist. It is supposed to be one of the most dangerous types of malware and can be used to encrypt photos or conversations and force victims to pay the culprits to regain control of their online accounts and devices.
READ: Epidemic of ‘ransomware’ is growing hacking threat
3. Scams on password recovery, ‘phishing’
On the rise is spear phishing, which targets a specific organization by attempting to have unauthorized access to confidential data. Hackers who engage in it want to profit, trade secrets or get military information.
There is also “smishing” or SMS phishing, which also involves password recovery. The hacker would just need to get the victim’s email address and mobile phone number to dupe the user into giving access to his or her account.
“Companies must evolve from a simple, ‘protect and recover’ model to a more holistic protect, detect and respond posture that utilizes real-time insights and predictive intelligence across networks to stay ahead of threats,” Noel said.
He added that the key to countering cybercrimes are by “collecting actionable intelligence.”
“It is also critical for companies to strengthen their core security hygiene; adopt modern platforms and comprehensive identity, security and management solutions; and leverage features offered within cloud services,” he said. “It is just as important to create education and awareness across employee populations in order to build and sustain a pervasive security culture,” Noel noted. RAM
