Between jailbreaks, ghostware and headless worms, today’s IT security environment can feel less like real life and more like Ghostbusters 2. Regrettably, these dramatically-named security threats can have equally disastrous consequences to your company’s information security if you don’t take the time to understand them and preempt any attacks.
Today, we’re diving into the top IT security threats of 2016, providing you a look into what can happen if you fail to act and offering some tips on how to prevent a crisis.
Ghostware and two-faced malware
We’re starting things off with two threats that are (at least for now) a bit further off: ghostware and two-faced malware. But it’s not time to relax. These threats could have disastrous effects on your company’s information security.
Two-faced malware is an anticipated evolution of malware, where the program is designed to execute an innocent task to pass security detection and then, once it clears protocols, execute a malicious process. Ghostware, on the other hand, is malware written to penetrate networks, steal data and erase all traces of itself before security measures can detect that a compromise has taken place.
Here’s the good news: these forms of malware haven’t been detected yet. The bad news? An early form of the malware called blastware, which self-destructs and wipes out a hard drive upon detection, was first observed in 2014, setting a precedent for this kind of invisible malware that reacts upon being detected. Also, two-faced malware and ghostware are designed to avoid detection long-term, so it may already be out there. Paranoid yet?
Many devices in the Internet of Things are “headless”—they lack a user interface and are controlled remotely. However, they’re still hackable: in fact, new viruses (often called “headless worms”) have been created to exploit this, take control of devices and access their information. New research shows that it is possible to infect headless devices with small amounts of code, leading to machine-to-machine attacks that come from formerly harmless devices like Fitbits and vending machines.
To protect against these headless worms, it’s essential to implement a security approach that begins whenever a new device is introduced to your network. Consider introducing secure booting to generate digital signatures, controlling device-based access and adding authentication measures to the network. By implementing these measures to track and control the devices on your network, you go a long way in securing your company’s information against worms.
This year, the Internet of Things is expected to include over 6.8 billion devices, including smartphones, fitness trackers and (of course) your printers. The sheer number of connected devices gives hackers unprecedented access to a larger network and volume of information—and since many of these devices have less security around them than computers, it’s easier than ever to break into the system.
However, new technologies are being developed right now to keep the Internet of Things safe. At the forefront is machine learning, in which algorithms comb data for patterns and make predictions about what may happen in the future. More and more companies are applying this process to security in order to quickly and efficiently identify breaches. In February, MasterCard Inc announced that a new machine-learning technology had helped to quickly control three separate cyber attacks that targeted automated bank tellers, limiting damages down to thousands—instead of millions—of dollars.
However, machine learning alone isn’t solving machine-to-machine attacks. Instead, it’s combined with improved safety processes to isolate affected devices, alert affected parties and salvage the situation. If you’re going to implement a new security technology, then, don’t forget to change up your processes accordingly.
Ransomware and corporate extortion
In ransomware attacks, the hacker locks out users and holds their devices’ information for ransom, occasionally encrypting device data to make it extremely difficult to get rid of the ransomware without paying up. While ransomware has been around for a while, it’s recently become much more sophisticated—and geared more at companies than at individuals. In fact, in 2015, Kapersky Labs detected cryptolockers (a form of ransomware) on more than 50,000 corporate machines.
To protect your company against extortion through ransomware, you need to institute a multi-front strategy to protect devices, employees and stakeholders from attacks. This needs to include malware education for all employees, regular updates to software and applications and comprehensive file backups.
These threats are all real, and they’re serious. However, you can take proactive steps that will protect your company’s information from attacks today and tomorrow. Check back here on Thursday for five things you can do today to increase IT security in the long term. In the meantime, learn how to make your print processes more efficient: our eBook, 6 Steps to Recharge Your Managed Print Process, can get you started.
Photo credit: GotCredit via Flickr Creative Commons