Cyber security has consistently hit the headlines during 2017, especially the spate of large-scale WannaCry and Petya ransomware attacks. There have also been some notable hacks on businesses and government systems too, including the theft by North Korea of the US and South Korea’s war plans. Predictions for 2018, continue to be gloomy, with the added concern that Wi-Fi networks could be the next big target.
In what ways will cyber-attacks develop in 2018?
As technology develops, it opens new ways for cybercriminals to hack and infect systems. As we shift ever more towards mobile internet usage and begin to use more and more Internet of Things (IoT) devices, it is these areas where vulnerabilities are likely to be found. And, of course, where there are vulnerabilities, you’ll find hackers trying to exploit them.
That doesn’t mean that criminals will abandon their traditional tactics altogether. Whilst ransomware hasn’t been in the news for a few months, it doesn’t mean it has gone away. New and more potent versions of the software are being developed and it is only a matter of time before we see another large-scale attack.
The same applies to other forms of hacking. Cybercriminals are constantly developing more sophisticated methods for breaking into systems and spreading malicious code. Perhaps most frighteningly, though, is that with the expansion of the dark web, there is a marketplace from which they can sell them on to any criminal gang willing to pay for their services.
A KRACK in the Wi-Fi armour
Perhaps the scariest threat facing us in 2018 is the recent discovery of a vulnerability in the security protocol of Wi-Fi systems. Nearly everyone uses Wi-Fi, whether on a home network, business network or one of millions of Wi-Fi hotspots we rely on in public places. We also use Wi-Fi with a lot of different devices: laptops, tablets, phones, wrist devices and IoT equipment. We use it for every conceivable kind of purpose, too including sending sensitive information, logging into accounts and for financial transactions.
It is not good news, then, that the vulnerability known as KRACK works against all modern Wi-Fi networks. At present, no network or device that uses Wi-Fi is safe. Hackers can exploit the vulnerability by intercepting the authentication process that takes place when your device connects to a protected Wi-Fi network. This enables attackers to eavesdrop on all the data you send and receive over the network, including credit cardÂ numbers, passwords, chat messages and emails. Not only can this be used for theft, it can also be used for blackmail and other types of crime.
The vulnerability also lets hackers use what is known as HTTP content injection. This basically means they can sneak malicious code into the websites you’re surfing and infect your devices with ransomware or viruses.
There are four pieces of advice to help protect you from KRACK attacks:
- Make sure all your devices operating software or firmware is up-to-date
- When surfing on W-Fi networks, only visit sites with HTTPS connections
- If possible, use a VPN to connect to the internet it’s safer
- Make sure your anti-virus software is up-to-date
Traditional hackers going for the big fish
Attacks on small and medium-sized businesses will continue to rise in 2018 simply because many of owners do not have adequate security in place. This is partly because they believe they have nothing worth stealing. Whilst it might be true that your data has no value, hacking your system or website means it can be used for all kinds or underhand purposes, such as spreading malware or sending out thousands of spam emails.
It looks, however, that even robustly defended enterprises are going to come under more sophisticated attack during 2018 – especially if the data they hold is valuable. The recent case of the Equifax hack which, according to the Washington Post, resulted in the theft of the personal details of 143 million Americans and according to The Telegraph, 44 million Britons, is a prime example.
Equifax is a credit rating agency, it’s role is to help loan companies, banks and other businesses decide how financially secure you are when you apply for credit. To do this, it needs to collect and hold all kinds of extremely sensitive information about you in order to provide a credit score. It will have details about your income, your current and past loans, your monthly direct debits, your bank and credit cards accounts, as well as bad debts, missed payments, overdrafts, county court judgements and all manner of other things. It will also keep details on who you are financially linked with and their financial security.
This data is now in the hands of cybercriminals.
The implications of this are huge. But for other companies out there who hold data about their customers, it is absolutely crucial that during 2018, you ensure it is as securely protected as possible. Failure to do so can result in law suits by those whose data has been stolen and, after the GDPR regulations come into force in May, you could be fined up to 4% of global annual turnover or 20 million whichever is the highest.
Cybercriminals now using artificial intelligence
Cybercriminals are now using artificial intelligence to scam businesses. One example is the Business Employee Compromise (BEC) scam which uses machine learning to send fraudulent emails which trick employees into wiring company funds to the attacker’s bank account.
With the BEC scam, artificial intelligence is used to employ sophisticated social engineering techniques. It helps attackers identify potentially vulnerable employees and manipulates them into sending the money.
According to McAfee, the availability of these AI tools on the dark web means that we are likely to see a significant rise in their use. What helps this, is that that much of the data needed to provide the intelligence about specific businesses and their employees is available in the public domain. Online publication of names, roles, email addresses and employee profiles, together with social media information from sites liked LinkedIn and Facebook, makes it easier to gather the data needed.
10 tips to secure your system in 2018
To protect against the increased threat of hacking in 2018, we recommend you take the following steps:
- Update to the latest versions of your software
Legacy software is an open door to attackers who have the web monitoring tools to find companies using vulnerable apps. Always update to the latest version.
- Keep up to date with developers guidelines
For increased security, always follow the software developers guidelines for keeping their application safe. Make sure you are signed up to receive email updates so if a vulnerability is found you can take action quickly.
- Switch to HTTPS with site-wide SSL or TLS
With Wi-Fi vulnerability likely to be a big concern in 2018, it’s even more crucial that you enable site-wide SSL (Secure Sockets Layer) to encrypt links between a server and a client. Even more secure is Transport Layer Security (TLS) which splits encrypted communication between two servers so, even if data intercepted and unencrypted, only part of the data will be present. Both SSL and TLS can be used with HTTPS.
- Make sure you use intrusion prevention tools
Intrusion prevention tools can offer robust protection for some of your apps and can be enabled using cPanel or Plesk.
- Use .htaccess file to keep your site secure
Adding a few lines of instructions to your .htaccess file can block unauthorised access to the database and admin area of your website, whilst stopping unauthorised directory browsing and the access to files.
- Ensure you use a vulnerability scanner
Vulnerability scanners such as MTvScan can ensure your site is continually monitored for software holes, malware and intrusions.
- Regularly backup your data
Not being able to recover quickly from loss of data or website content can put you out of business. The best way to protect yourself is to regularly backup your website and database files. This way, if you are hacked, you can restore your website quickly and inexpensively.
- Enable your application firewall
A securely configured firewall can protect you from cross-site scripting and SQL injection attacks. It will block malicious HTTP requests which don’t conform to your pre-set rules.
- Use a high-performance network firewall
A network firewall can protect your website from sophisticated cyber-attacks. At eUKhost, we use a Next Generation Network Security (NGNS) platform from Fortigate.
- Forget passwords use a credential vault
One of the biggest security weaknesses faced by many companies is poor password management One of the best ways to achieve password security is to use a credential vault. These create highly secure passwords for users but the users themselves never know what the password is. Instead, they just need to validate their credentials. Doing this guarantees that the user can’t lose or give the password away.
2018 is going to see a widening of scope in where cybercriminals attack. Weaknesses in Wi-Fi, hardware and IoT devices will give rise to new ways for criminals to hack, steal and spread malicious software. At the same time, advances in hacking technology, such as in AI and machine learning, will make criminals have even more sophisticated tools at their disposal.
In response, we may see some of the security firms developing specialisms to deal with the widening nature of threats. With governments being targeted even more, we may also see increased government funding for fighting cybercrime and bigger penalties for those who carry it out.
eUKhost provides a wide range of effective security measures to protect our clients, including SSL, website backup, SpamExperts email protection, site monitoring and intrusion protection, Mtvscan vulnerability scanning, 24×7 support staff and Fortigate firewalls.