HP TECH TAKES /...
New Cyber Security Threats
The cost of cyber terrorism is real and significant to businesses today. The harm they cause is increasing each year, with estimates showing that 78% of US organizations have fielded a cyber attack in the past year. The threats come with a price tag, too, with an attacked company spending roughly $13 million to fix the harm done.
What can companies do in the face of such a growing threat? One way is to stay informed of the dangers that lurk online. We'll go over the most anticipated new threats in cyber security to your business in the coming year.
What are cyber threats?
The term "cyber security threats" covers all intentional crimes against others using a computer. Types of cyber security threats include an attack on a single computer, a system, a network, or a group of each. The crimes vary and include fraud, theft, disabling networks, exploiting data, and harassment.
While most perpetrators use the internet to commit these crimes from afar, that's not always the case. Inside jobs are also possible by way of criminals accessing information stored on internal networks. Because so much of today's business is stored as electronic data, the reward for cybercriminals can be significant, with the risk to your intellectual property and assets very real.
10 cyber security threats to know about
As technology changes, the biggest threats to data and security will change, too. Right now, these 10 types of attacks have been identified as the most likely threats to today's businesses.
1. Deep fakes (video and audio)
Don't believe everything you see. Deep fake videos are everywhere, and they can trick most people with their deceptively placed footage or audio clips to make you believe what you're seeing is authentic.
They were first attempted in 2014 by a Ph.D. student-turned Apple employee, and these realistic videos have frightening consequences. Criminals may use deep fakes to blackmail or extort those falsely depicted in videos, even if they had no such legitimate connection to the contents. As more people turn to videos on social media to make decisions, the threat becomes more serious than ever.
2. Synthetic identities
Fake videos are one thing, but what about fake people? The rise of synthetic identities is a concern for consumers, who may find pieces of their data used to create false financial profiles.
By mixing the social security numbers, addresses, birthdates, and other unique data fields from several genuine consumer profiles, identity thieves can open accounts and steal funds on a massive scale. Those caught confess to creating hundreds of identities for their own nefarious purposes.
3. Phishing attacks
These aren't a new threat, but hackers are using innovative phishing methods to do their work. They send what looks like a legitimate email or text to a customer, and the message will contain a link to a third-party site that asks for personal data, which the criminal can use for fraud or theft purposes.
Recently, cybercriminals have used election-related fundraising efforts and COVID-19 alerts in attempts to catch customers off guard. If you send out business communications, ensure your audience knows how to tell it's the real deal.
4. Internet of Things
What started as home speakers and smart TVs now includes an entire world of connected devices in our homes and offices. While there's value in the easy access and hands-free assistance, there are also new risks to those who don't follow the best practices for security with devices and networks.
The Internet of Things encompasses more and more of what we use each day, with the newest items to market being at the highest risk. As tech developers and manufacturers churn out new gadgets, the security experts must work harder than ever to keep up.
5. Cloud jacking
Threats to cloud storage and servers go beyond just stealing information. These giant computing powerhouses are the perfect way for bitcoin and other cryptocurrency miners to mine data faster and for a better profit.
The concept of taking over a cloud-based server by force is called "cloud jacking," and it has potentially devastating consequences. Cloud jacking takes away resources from all who rely on that server or network for hosting websites, running machine learning programs, or storing data.
6. Machine learning poisoning
Machine learning is incredibly valuable, and companies may use it to provide personalized recommendations for consumers based on their shared data. Cybercriminals will try to exploit this user-generated information in one of two ways.
For example, they could try to alter the recommendation outcomes by spamming systems with bad data, causing the product or service to perform poorly. They could also take things further with Trojans or other types of malware that impact both the system and the user.
7. Social media disinformation campaigns
Professional fact-checkers exist because it's sometimes challenging to separate fact from fiction, especially online. Bad actors can disrupt the status quo by planting fake or misleading information in viral social media posts and campaigns that accelerate the spread of false info.
Businesses are especially vulnerable to these campaigns, and it often takes just one fictitious bad review to cause a PR nightmare. Taking a steadfast approach to monitoring brand sentiment, social media mentions, and public relations snafus is a necessary part of doing business these days.
8. 5G vulnerabilities
It takes time to work out the bugs of any new tech, and the excitement for 5G doesn't mean there aren't challenges for businesses when it comes to keeping things locked down. 5G, by its very nature, is more difficult to monitor because it involves more traffic routing points spaced closer together. Keeping an eye on wireless security is hard enough, and it's only amplified by all the devices connected to your home or business network. This means you have more security checkpoints to worry about than ever before.
There's also a real possibility that an increase in bandwidth will lead to a significant boost in the data you send and receive. This alone increases the chances of hacks, because there are more transactions to disrupt.
9. Ransomware in the public sector
In the past, the most egregious ransomware attacks were limited to individual consumers or the private sector. But as the government (state and federal) switches to online portals, we'll see even more attempts to compromise data and extort money or private information through ransomware attacks.
While there's always the risk that someone will try to take your data hostage, it's important to have robust backups and a plan for when things go awry to give you options that don't include paying the ransom.
10. AI-powered cyberattacks
We may think we're too smart to be tricked by an automated call or badly-written email, but what happens when artificial intelligence (AI) gets better at imitating speech and language patterns? Cybercriminals already use crude automated voice systems to act like humans and trick others into sharing private info or authorizing purchases and money transfers.
Experts anticipate AI to improve these or similar types of scams, although they are still largely a "what if?" at this point. AI becomes more powerful and frankly more intelligent over time, so we can expect these attacks to also become more sophisticated by their nature. It's essential for businesses to know how to distinguish these attacks from real human interactions and educate their employees and customers, too.
How to prepare for new threats
If all of this sounds scary or overwhelming to you, you're not alone. In fact, IT departments globally are increasing budget share to include more security-focused solutions and handle these cyber security threats.
About 12.8% of IT spend is going toward security measures, including training and infrastructure. Unfortunately, many are reporting a lack of skilled workers to help prepare for future threats. Almost 85% of companies state that they are having a shortfall in this type of employee hire and can't find qualified security professionals to fill the gap.
With tech (and the associated dangers) evolving, there's no time like the present to start looking to tomorrow. Whether you do more to build awareness with your existing teams or you invest in top talent available to start now, you can't afford to do nothing. Whenever new tech launches, there's a group of criminals at the ready to exploit it.
Even if you deal with legacy systems and products that haven't changed much in years, your websites, personnel records, and financial transactions depend on the tech of the future to help you keep doing the business you do so well. And by educating yourself about the biggest threats to cyber security, you can know the real risks out there and confidently invest in IT solutions to help mitigate those risks.
About the Author Linsey Knerl is a contributing writer for HP® Tech@Work. Linsey is a Midwest-based author, public speaker, and member of the ASJA. She has a passion for helping consumers and small business owners do more with their resources via the latest tech solutions.