Cyberthreat checklist: Key facts about the top threats today and in the future

In 2017, the WannaCry ransomware attacked hundreds of thousands of organizations and brought both large hospitals and small medical practices to their knees. Fast forward to today, and many criminals are resorting to something called “cryptojacking” to steal resources from unsuspecting businesses and individuals.

In the coming months, there will be other major cyberattacks that will grab headlines and cause widespread panic. Companies, especially small- or medium-sized businesses (SMBs), are going to have to steel themselves against the next wave of cybercrime.

The question is, are you prepared?

Tick the boxes if you believe you’re prepared against the top cyberthreats today.

☐ A new wave of ransomware

Malware remains a major threat to businesses of all sizes at present and in the foreseeable future. Malicious software, created to infect computers and entire IT infrastructures, will continue to evolve. Hackers are going to deploy new breeds of ransomware to target a variety of sectors, infiltrate more and more systems, and earn more from their exploits.

Despite the fact that the WannaCry ransomware was eventually defeated, businesses in 150 countries suffered major disruptions. It’s predicted that attacks on healthcare organizations could quadruple by 2020.

Recently, a new type of ransomware called LockerGoga terrorized industrial organizations by infecting computers that control physical equipment. This shows that hackers are working overtime to come up with even more insidious ways to steal money and disrupt businesses.

☐ Malicious AI-driven chatbots

Chatbots are meant to make human lives easier by automating repetitive tasks, operating social media accounts, alerting users of newly published content, and more. But they can also cause harm.

Malicious chatbots cause harm by spamming chat rooms with advertisements that trick people into revealing their sensitive personal details such as bank account numbers and the like, via social engineering tactics. They can also be used to operate large numbers of fake accounts to manipulate people, spread disinformation, and even broadcast extremist viewpoints on social media.

Soon, highly advanced AI-driven chatbots will be able to present themselves as human users, thanks to the evolution of natural-language processing, which turns enormous amounts of data into computer-generated responses and conversations. When that happens, malicious chatbots will be able to deliver customized propaganda and mislead more human users.

☐ Weaponized data

With large volumes of data floating around the internet, hackers have plenty of “resources” to take advantage of. Despite cautionary tales of sharing private information online, millions of web users are, unfortunately, unaware that by signing up for a seemingly innocuous service like Facebook and loads of other websites that collect their data, they’re putting their own security and privacy at risk.

Signing up for and maintaining a Facebook account is not inherently dangerous. But users need to know that by doing so, a huge amount of their personal information is readily accessible to various third parties.

Conducting what was called an “emotional contagion experiment”, Facebook was able to manipulate news feeds to assess the effect on users’ emotions. And Facebook users who like and actively engage with brands and indicate their interests in the social media sites are all potential victims for this and similar instances where users’ data are collected and weaponized.

☐ Software update supply chain attacks

A “software update supply chain” attack involves hacking a third party service provider in order to gain access to their customers’ data. An example is the Target data breach of 2013. Fraudsters got hold of credit and debit card information of around 40 million customers after they infected several Target stores' POS systems with malware.

In a software update supply chain attack, malware is snuck into a software package from a trusted provider, like Microsoft or any software or technology company, to infiltrate even more systems. This type of attack is attractive to hackers because they can infect a larger number of targets due to automatic updates.

In 2017, there was an average of one supply chain attack every month, compared to four attacks per month in previous years. Recently, technology company ASUS was infected by malware through its automated software update system, affecting 500,000 users. It is projected that such attacks will increase in the next year.

Think you’re prepared to combat these and a variety of cyberattacks? If you believe that your business in Middletown, Orange County, or Bergen County can benefit from comprehensive managed IT services, call the IT consultants of Hudson Valley IT Services today.

If you want to learn more about the right kind of cybersecurity solutions for your organization, download our FREE eBook, 3 Essential Types of Cybersecurity Solutions Your Business Must Have to get you started.