Consumers, business benefit from huge growth in tech and apps – so do ID-theft criminals.
The “Internet of things” adds tremendous benefits through devices and apps, but these “things” also create opportunities for ID-theft criminals to steal and use our information. To help you protect and mitigate the potential negative impact of the “internet of things,” which brings more users, apps, data, devices, and clouds than ever before, I recommend you particularly focus on six threat areas identified in the 2016 McAfee Labs Threat Prediction Report. According to McAfee, here's the take on the business side: "A dynamic workplace environment, highly mobile workforce, and rapidly changing workers’ expectations have blurred the concept of a network perimeter. Workers no longer stay within the confines of a trusted network, or the restrictions of a specific device, making them more productive, but security more difficult.”
“On the consumer side, the explosion of devices and the proliferation of exciting ‘free services’ – whether phones, tablets, wearables, smart TVs, or home automation – is fueling an exponential growth in personal data. Everywhere we go and in everything we do, we are leaving a digital trail,” reported McAfee. In addition, the question of privacy and privacy regulation on the collection, storage and sharing of information will continue to challenge businesses.
McAfee's 2016 cyber-risk threat predictions include:
Attacks through employees. Organizations will improve their information security and governance policies, implement the latest security technologies and processes, hire information security professionals and remain vigilant. Attackers are likely to shift their focus and attack businesses through their employees.
Automobiles. Security researchers will focus on potential exploits for connected automobile systems that fail to meet best-practice security policies. IT security vendors and automakers will develop guidance, standards and technical solutions to protect attack surfaces such as vehicle access system engine control units (ECUs), engine and transmission ECUs, advanced driver assistance system ECUs, remote key systems, passive keyless entry, V2X receiver, USBs, OBD IIs, remote link type apps and smartphone access.
Cloud services. Cybercriminals will exploit weak information security and governance security policies established to protect cloud services. A data breach event could risk business strategies, mergers and acquisition strategies, financials, and employee/customer data.
Hardware. Attacks on hardware and firmware will continue, and the market for tools that make them possible will expand and grow. Virtual machines could be targeted with system firmware rootkits.
Ransomware. Anonymizing networks (which allow users to access Internet services privately by using a series of routers to hide the client's IP address from the server) and payment methods could continue to fuel the major and rapidly growing threat of ransomware. In 2016, cybercriminals will leverage ransomware-as-a-service offerings, which could further accelerate the growth of the malware.
Wearables. Wearable platforms will be targeted by cybercriminals working to compromise the smartphones used to manage them. The industry will work to protect potential attack surfaces such as operating system kernels, networking and Wi-Fi software, user interfaces, memory, local files and storage systems, virtual machines, web apps, and access control and security software.
Mark’s most important: Assume your information will be exposed. Understand the latest threats. The “Internet of things” brings significant benefits for consumers and business owners yet also creates opportunities for ID-theft criminals.
This article was originally published on AZcentral.com and republished with the author's permission.