At the end of the 2005 blockbuster film Batman Begins, police officer Jim Gordon makes a point about crime and escalation. In a nutshell, he points out that no matter how sophisticated law enforcement becomes, there will always be those criminals who who are willing to take things to the next level, and as both sides work to gain a clear advantage, very little ever actually changes.
In few areas does this seem to apply more than in cyberspace. As computer systems advance and grow, virus protection firms work tirelessly to create new defences intended to keep sensitive data safe from the criminals who would steal it. And as they do so, black-hat hackers around the world put just as much effort into defeating these new security measures.
And so, as we enter a new year, we’re faced with a new crop of potential cyber threats. Anti-virus giant McAfee has recently released its own report on the kinds of cyber-threats we may begin to see in the next twelve months, and the top contenders to make the list may surprise you. Here are seven cyber-threats to look out for in 2014, and how to protect your information from them.
1. Mobile Malware
Up until recently, mobile smart device users have lived a relatively safe existence. However, all of that looks like it’s beginning to change. Where once most new malware being created was designed to target desktop and laptop computer systems, a recent surge in mobile-specific malware may be cause for smartphone and tablet users to worry.
During the last two reported quarters, new malware designed for personal computers has remained relatively stagnant, while new malware for mobile platforms has increased by 33%, with no signs of slowing down.
The best way that mobile users can protect their data is by making sure that they keep their operating system up to date. As new threats are discovered, providers make updates in the hope of eliminating possible exploits. As such, those who don’t keep up with their updates, may find themselves vulnerable to attack.
2. Gray threats
As cyber-threats become more advanced, it’s becoming more and more difficult to divide the mass of programs and applications into “good” and “bad” categories. Instead, an increasing number of “gray” applications are being found. To correctly identify these threats, online security firms will have to turn towards big data to develop multi-layer security protocols to help determine which ones can be trusted, and to what extent.
These analytics tools will help users identify dangerous threats, so that they can be quickly dealt with before they can do persistent and lasting damage. Users will simply have to keep up-to-date on all new security findings, so that as advances are made, they’re able to remain at the forefront.
Ransomware first reared its ugly head years ago, as malicious programs that invade a system and hold certain functions or data hostage. Users were told that by paying a certain “fee,” the locks would be disengaged. Now, classically this form of cyber attack has been easy to stamp out, by having law enforcement agencies simply follow the money’s “paper trail.”
However, as virtual currencies such as Bitcoin become more widely used, agencies are finding that unreal money can’t actually be easily “tracked.” Most ransomware is spread through booby-trapped email attachments, so the best thing that a user can do to keep from being infected is to not open suspect emails. Also, be sure to keep your antivirus software and browser plug-ins up to date, so that ransomware can’t force its way into your system. If you’ve been infected by ransomware, the first thing you need to do is remove the malware.
As for the encrypted files, well, there’s a good chance that those will stay encrypted and inaccessible whether you decide to pay or not, so the best thing that you can do is backup all of your important data on a separate platform (or in the cloud) before you run into any problems. That way, you’ll be able to replace encrypted files without having to pay the ransom.
4. High-profile attacks
If it seems as though more and more big businesses and government agencies are falling prey to cyber attacks, it’s because they are. In the last year, major institutions such as Target, The New York Times, Twitter, and even the Washington State Administrative Office of the Courts have all been compromised in one way or another. Unfortunately, these institutions often retain sensitive information (such as credit card and social security numbers) about customers and citizens, which means that when they come under attack, so do you.
You can defend yourself by keeping your personal information in as few locations as possible, and by limiting the locations in which you use credit cards. Also, keep a close eye on all of your bank statements, and be sure to report any suspicious account activity that you haven’t authorized. If you’re afraid that your business might be targeted, (and in all likelihood, it eventually will) proper certificates can keep corporate files safe.
To make sure they're in compliance with current policies and up to date, you can run them through programs that scan IP addresses for errors as far as ssl is concerned. Policy complianceis vital if you want to keep your corporate information out of the wrong hands.
5. Social network breaches
Social networks like to collect as much data about their users as possible, which is why they’re such tempting targets for cybercriminals. However, the best way to keep yourself safe from a social media breach is to simply not keep any sensitive personal data on social media sites.
When Facebook asks for a mobile telephone number, decline. When Twitter wants you to update your profile, ignore the request. If you find that social media is getting too pushy, then discontinue using it. If knowing what your friend had for lunch is putting you at risk, then you’re better off not knowing.
6. HTML5 exploits
HTML5 is an operating language used in the creation of websites, and allows for more interactivity. Unfortunately, when cracked, it can be used for all kinds of nefarious purposes, including monitoring browser history.
The real issue here is that for these kind of attacks to be prevented, new systems will have to be designed with not-yet-existing security measures. That means that as a user—short of going to programming school, learning the language, and double checking each site—there’s probably not much that you can do to protect yourself. Let’s keep our fingers crossed that new security will be developed soon.
7. Cloud attacks
This one is something of a pickle. As personal data storage becomes less secure, many users are choosing to store vital information in the cloud. Unfortunately, criminals recognize this trend, and as 2014 progresses, you can bet that these criminals will turn their sights towards cracking cloud databases No security system is ever 100% secure.
Eventually, cloud databases will be compromised. When that happens, only the users that chose to backup their files on external, isolated hard drives will be able to avoid the devastation of data loss.