January 5, 2016
Hacktivism, Malware, Cloud Security: A Review of Our 2015 Update
It’s likely that in 2016 companies will continue to be confronted with various dangers surrounding IT security. Here’s a look back at a review of our 2015 update on some of the leading risks.
In 2012, we took a look at some of the top IT security threats faced by companies; since then how has the threat landscape changed, and where are businesses best served spending time and money?
Three years before 2015 we talked about the emerging subset of hackers called “hacktivists” who don’t compromise networks for profit alone, but also have other, often nationalistic or privacy-based motives. The hacker group Anonymous is a good example of hacktivism, which can strike any business that runs afoul of popular sentiment online. As noted by Info Security magazine, hacktivism has gone global — hackers from the Middle East are now traveling to Eastern Europe for “training” before launching their attacks. Bottom line for companies? No business is immune; it’s worth spending on cloud-based business continuity to limit the impact of an attack.
In 2012, malware was starting to migrate across platforms — mobile devices were becoming popular targets. In 2015, the landscape had changed significantly. Apple’s iOS and Mac OSX, once thought almost invincible, were revealed as being susceptible to malware threats, while wearable devices offered a whole new attack vector for hackers. According to Gizmodo, it’s now possible to infect popular activity tracker Fitbit in less than 10 seconds. Avoiding malware means utilizing a combination of on-premises and cloud-based security (learn more) to both detect attacks in progress and flag suspicious programs.
Social Media Threats
Social sites like LinkedIn have long been a part of corporate culture, but since 2012, Facebook and Twitter have also made significant inroads. Noted by Tech Target, however, these platforms make the ideal attack platform for malicious actors. While most users avoid opening suspicious emails or downloading unsolicited attachments, many can be fooled into clicking on malicious links or giving up their personal information — which may in turn compromise network security. Best bet? A solid social media policy that acknowledges its use in the workplace, but also defines specific use guidelines.
Secure Data in the Cloud
In 2012, we recommended delineation between personal and business-use clouds; in 2015, the cloud security had significantly expanded — both large tech companies and startups offered data protection. With so much to choose from, Forbes recommends taking the time to dig deeper before signing any service-level agreement: Ask prospective providers about specific steps they take to isolate customer data and take a hard look at the fine print — how and when are cloud services updated, and how does this affect your access?
Controlling the Mobile Workforce
With BYOD (our solution) now common across both enterprises and small businesses, it’s no surprise mobile malware has soared since 2012. According to Information Age, the number of malware attempts on mobile devices increased by 75 percent in 2014 alone. Android was the most popular OS under attack, and in most cases, malicious code fell into the “adnoyance” category, which simply irritate users by displaying unwanted ads. However, these bits of malware are merely precursors; companies must continue developing secure network strategies to ensure only authorized users have access to critical company data and that any devices on the network are regularly scanned for malware.
Finally, in 2012 we talked about the convergence of data and wireless along with 3 G and 4 G networks, creating an ideal environment for hackers looking to eavesdrop on calls or interrupt VoIP services. According to Toolbox, effective VoIP security in 2015 required an understanding that voice and IT security at large are essentially identical: Put simply, effective cloud security is a necessity if companies want to protect their communication assets.
In summary, IT security remained a top priority for companies in 2015. The big takeaway over the years, between 2012 and 2015? Much like technology at large, security has converged: The best cyber security strategies are holistic and inclusive.
Enter your email address below to receive updates each time we publish new content.