Categories

Top targets for cyber criminals in 2018

Monday, August 27, 2018

In 2017, several companies experienced cyber attacks and vast amounts of critical data got breached. In fact, big companies in the US such as Verizon, Yahoo, Uber, Whole Foods and Equifax were some of the victims of these crimes.

Since these companies are all enterprise-level organizations, one might think that small and medium-sized businesses are exempted from cybercriminals. As the most publicized cyber-attacks happen on such enterprise-level companies, SMBs tend to think that these hackers have no interest in them. Well, that is far from the truth.  As a matter of fact, hackers love such a train of thought. A recent study showed a few interesting statistics that SMBs are not quite as invisible to hackers as mostly presumed. The data showed that about 50% of SMBs have experienced a cyber-attack and about 70% of these attacks are explicitly targeting these SMBs.

Cybercriminals are thorough in their mischievous activities. In fact, they have been known to learn from previous failures to make future attacks much more lethal. In that respect, let’s look at some of the top targets for cybercriminals in the year 2018.

 

Small businesses

In the previous two years, there has been a significant concern for small businesses about cybercrime. After much observation, it’s clear that while the enterprise level companies get the most press when attacked, SMBs remain the prime target for hackers. In the United States, for instance, about 14 million small businesses have been attacked. That is quite a large number. Cybercriminals love SMBs because unlike their enterprise counterparts, they have significantly less muscle to secure endpoints and stop an attack if they wanted to. Some businesses think that by simply installing anti-virus software on all machines at the workplace will keep them safe. However, in today’s business environment, a lot more has to be done. These include but not limited to:

  • Mail security
  • End-point advanced security which can be enforced by artificial intelligence.
  • Online and hands-on training.
  • Two-factor authentication practices and password management.
  • Cloud secured internet gateways.

 

Healthcare

One of the most coveted targets by hackers is the healthcare industry. Being a billion-dollar industry, it’s one of the most data-rich sectors the world over. Hackers love the healthcare industry because medical files have the most intimate details of a person’s life and that is why medical records are most confidential even by law. In 2018 however, hackers are getting way smarter. The more recent activity, in this case, involves frequent attacks on the healthcare web apps.

A report unveiled by TechRepublic showed that on average, web apps in the healthcare industry get about 1500 unique attacks on a daily basis. Some of the more common attacks in this regard involve local file inclusion and cross-site scripting which means that they are more interested in planting malware downloaders that steal your personal information. Without regular patches to the apps, the healthcare industry is open to exploitation.

 

Law firms

Lawyers are some of the smartest people on the planet. However, cybersecurity isn’t usually their strongest suits. For hackers and cybercriminals, law firms are prime targets mainly due to the nature of data and information that they collect, store and use. Last year, DLA Piper, one of the more prominent global law firms suffered a vicious hack. The Petya ransomware left the firm unable to access their data for three days which means loss of business for those days. DLA wasn’t the only one. Nine more such firms, all large and powerful also suffered similar attacks last year. From this information, it’s safe to conclude that these hackers might step up a notch higher in 2018.

 

Personal computers and phones

Digital currency has come a long way. From the time when it was only an idea to now where some digital currencies such as bitcoin are more valuable than gold. Due to its immense value, as it is, there is a considerable demand for the product. Enter crypto jacking.

Cryptojacking can be defined as the stealth use of a computing device to mine cryptocurrency. Today’s computers and cell phones have become increasingly powerful to handle resource-thirsty applications seamlessly. As such, hackers had a way of unknowingly installing a program that will mine the currency in the background without the user’s consent. However, that method was quickly replaced by in-browser crypto jacking. Since most websites on the internet presently have JavaScript, the page will mine cryptocurrencies.

 

Financial institutions

Since financial institutions are literally dealing with dollars and cents, they are a prime target for any malicious hackers. Businesses operating within the financial services sector should always be prepared for an attack. Data from IBM X-Force suggests that more than 200 million records of financial services were breached in the previous year. This figure is expected to rise by a huge margin in 2018.

Due to cryptocurrency being extremely valuable at the moment, hackers will also continue targeting online wallets, affiliate sites, and exchanges. This kind of currency suits them best because as commonly known, most cryptocurrencies are untraceable. So, when the hacker manages to bypass security protocols in place and gets to the coins, there is no following the money with hopes of recovery.

In today’s world, it’s not a question of “if” you will be attacked. It’s often a question of “when” and whether you are prepared for the attack to either prevent it entirely or survive it. Cyber-crime is on the rise the world over and hitting all industries with money to drain. Today no company is immune from cybercrime. The advisable thing is to stay alert and embrace the saying; “prevention is better than cure.” 

Eteam 3.22.2018