Awareness that we cannot consume and exchange information on the Internet without risk is growing worldwide. Let’s take a look at the events in the field of digital communication that made the headlines in 2016, and look forward to 2017. What dangers do we face, and what may we have to deal with?
Hopes that 2016 would be a safer year than 2015 have not been realised. On the contrary, according to Trend Micro's current security report, 2016 is the year of "online blackmail". "Ransomware as a Service" has become a worthwhile business model for criminals. The debate about more security on the Internet was already in full swing at the beginning of the year. The reason for this was the successful hacker attack just before Christmas 2015, which cut hundreds of thousands of people in Ukraine off from the power grid for several hours. It was the first time that a power supply had been put out of operation over the Internet.
In February, hackers managed to steal $81 million by attacking the Bank of Bangladesh. The bitter consequences of an inadequate and outdated IT infrastructure: the bank lost the money and the head of the bank lost his job. The finance minister learned of the coup a month later from the newspaper.
Also in February, criminals sent e-mails to employees of banks, companies and authorities as well as to private individuals. When a recipient opened the attachment, the malicious software TeslaCrypt was installed on the computer and introduced into the system. Numerous computers, especially in Europe but also worldwide, were infected by the trojan Locky. The principle is always the same: after computer systems have been infected, the malware encrypts the data. The attackers then demand money for decryption, mostly in the cyber currency bitcoin.
And then there was Yahoo!. The company had been successfully hacked over the past few years. In 2013, attackers gained access to the company's systems and acquired more than 500 million customer records - the theft was detected and published this year. The acquisition of Yahoo! by Verizon for $4.8 billion (yes, really: $4,800,000,000) has receded into the distance for the time being. So hacker attacks and lax handling of customers' privacy can put a multi-billion dollar deal on hold and possibly stop it altogether.
Even the world's biggest internet marketers were not spared in 2016: the CEOs of Facebook and Google, Mark Zuckerberg and Sundar Pichai, received a friendly hint from the hacking team OurMine that there were security gaps in their social media accounts after the hackers had gained access to them. Apart from the negative headlines, this unauthorized access had no serious consequences for the prominent users.
Despite the rapid growth of these threat scenarios in 2016 (851% increase in ransomware families from January to September), efforts to protect oneself (paradoxically) have declined. According to the OpenXchangeCOI Report 2016, the number of users of e-mail encryption has decreased compared to 2015. Only one in five Internet users in the US, UK and Germany used e-mail encryption in 2016. However, 36% of Germans, 18% of Americans and only 12% of Britons encrypted their e-mails. The reason for the low number: it’s too complicated. Good answer, bad excuse!
Companies cannot afford to reduce their efforts to protect company data, especially in transit. The economic damage of a cyber-attack can be significant. On average, each American company lost $17 million in 2016 through digital attacks from outside. The loss for British and German companies is clearly lower, but still significant at seven and eight million respectively. For purely economic reasons, but also because of legal requirements and the value of their reputation, companies will have to press ahead with their efforts in 2017 in order to protect themselves appropriately against unwanted access.
Next year the ransomware volume is predicted to stabilize, but the business is expected to professionalize further. According to the Asia-based security provider Trend Micro, criminals will develop more complex ransomware attack methods and targets, and will capture money with "Business Email Compromise" (BEC) and "Business Process Compromise" (BPC). Attacks on the Industrial Internet of Things (IIoT) will also become more lucrative. In 2017 the number of new ransomware families will increase by 25%. This means that every second day a new one will be on the "market". "Cybercriminals will first steal confidential data, sell it in underground markets, and then install Ransomware to take data servers as a hostage, thus doubling their profits."
In the "Business Email Compromise" (BEC) method, e-mail accounts are hacked (often using metadata as a key source of information to break in) and employees are instructed to transfer money to an account. The financial departments of companies in particular are under attack. An average of $140,000 can be captured per attack - multiple times that of a ransomware attack.
In the so-called "Business Process Compromise" (BPC), criminals hack into a corporate network and manipulate financial transactions in their favour. This was the case at the Bank of Bangladesh in 2016, where a multi-million sum was transferred. Attackers can also hack into the delivery center and redirect valuable items, including data, to other addresses - also a lucrative business, depending on the value of the goods.
Mobile digital devices and computing terminals such as ATMs or point-of-sale systems will be affected by external attacks to the same extent as desktop devices are today. Also worthwhile for attackers: IIoT attacks, that is, attacks on systems of the industrial Internet of Things. Many companies will be willing to pay a ransom to prevent an imminent loss of production due to corrupted software and disrupted services.
Security gaps in software from Microsoft and others will be further exploited in 2017 in order to gain access to computer systems and user credentials. Trend Micro predicts that in 2017 further software flaws will be identified in Adobe and Apple products. The increasing number of Apple users will make Apple software increasingly attractive as a target.
Cyber-propaganda becomes the norm. For the user, it becomes increasingly difficult to distinguish between fact and fake. False information is spread and manipulated content filters of social media networks are intentionally used to influence the process of political opinion-making and social moods before important events, e.g. elections.
In order to meet the requirements of the EU Data Protection Regulation, which comes into force in the middle of 2018, European companies must take all necessary precautions in 2017. Having a data protection officer, for example, becomes mandatory at a certain company size. New employees must be recruited and trained. Data processing procedures must be checked and adapted, file storage systems only for EU data should be set up, and data protection should be checked with external partners such as cloud storage providers. Plenty of new work for hard-pressed compliance teams.
One quarter of all enterprises worldwide are affected by IT failures and data loss due to external attacks. It is no longer just the automotive and pharmaceutical industries or the financial and insurance sector, which are on the target list of attackers. SMEs, small businesses and individuals are also affected and should protect their IT infrastructure and digital communications. Because small companies are finding it hard to cope with such extensive protection using their own resources, they often need to rely on the expertise of external security experts. Trust will be critical between supplier and business owners.
Cybercriminals will continue to work on their methods and will aim to maximize their profits at the same time. Everyone, large enterprises and individual users alike, must protect themselves. Laws create the legal framework and the basis for fighting cybercrime, but they do not guarantee greater security on the internet. Companies are working hard to develop systems to better combat cybercrime. In the next two to three years, cognitive technologies will play an important role: they are capable of learning, can provide important background information when an IT system is attacked by known or unknown malware, and help administrators to analyze suspicious activity. But that alone will not be enough. Companies should combine different security technologies in 2017 to protect themselves. These include: "application control, exploit prevention and behavioral analysis, sandbox detection, and reliable machine learning techniques".
We contend that companies should have the capability for all email users to encrypt emails and files of any size directly from the email client, and that they are better protected if the metadata so often used for social engineering is encrypted as well.
Protect yourself from data theft, ransomware blackmailers and unwanted readers:
- Keep the software of your digital devices up-to-date
- Make back-ups
- Never open email attachments from strangers
- Use e-mail encryption software, and encrypt all larger files and metadata
- Do online banking and make payments only on SSL-encrypted pages and from trusted devices