There’s no denying that 2017 was a bad year for cybersecurity. A report from Malwarebytes revealed that the overall volume of attacks had increased by 96 percent from the previous year, with a number of high-profile cyberattacks – such as May’s WannaCry ransomware attack – making news headlines worldwide. So can we expect a reprieve in 2018? It seems unlikely – which is why it’s all the more important for businesses and individuals alike to be alert to the risks of cyberattacks in the coming year. Here are three cybersecurity threats we expect businesses to have to confront in 2018.
- Ransomware attacks. The past few years have seen cybercrime shift from largely isolated, individual attacks, to larger-scale cyberattacks by organized gangs of cybercriminals. Ransomware – which blocks access to data unless the user pays to have it released – can be used to target businesses and has the potential to net cybercriminals vast sums of money for relatively little effort. In the past year, cyberattacks have revealed that many organizations have inadequate cybersecurity measures to combat ransomware attacks, and in 2018 we will see more cybercriminals exploiting this.
- Employee awareness. It may sound harsh, but no matter how well-crafted your cybersecurity policies and procedures are, they mean nothing if your staff – at all levels – aren’t educated, competent and alert to the danger of cyberattacks. Even today, many successful hacks and corporate data losses are as a result of an employee clicking in good faith on an email link, or falling victim to a social engineering Cybercriminals are developing ever more devious ways of exploiting naivety, lack of understanding or lack of training to gain access to company devices and networks. Your cybersecurity strategy should incorporate education and training on how to avoid cyberthreats, as well as structuring your company’s data so that only those with the appropriate need and training have access to it.
- There are a couple of ways in which we see malware becoming a bigger threat in 2018. First, expect it to be more targeted. The past couple of years have seen organized cyberattacks on businesses of all sizes, and this is going to continue. One particularly devious technique involves not attacking a target company directly, but rather infecting a partner company in their supply chain with malware that can, for example, attach itself to invoices or payment documentation being sent to the intended target. A related threat that has the potential to make the spread of malware even harder to fight is leaked exploits: vulnerabilities that have actually been used by the National Security Agency and other government bodies to conduct surveillance and gather evidence, but which have leaked and can now be used by cybercriminals to infect target devices.
For businesses whose cybersecurity is lacking, now really is the time to plug those gaps. If you want to increase your chances of seeing out 2018 free from cyberattack, it’s vital to plan and implement a robust cybersecurity strategy, as well as an overall data management strategy that ensures your data storage is robust, protected and, perhaps most importantly, backed up.