Running a business and fending off competitors is tough enough, but mounting threats to your company’s data and processes make everything more difficult. How can one cope with more sophisticated malware and complex government regulations that add costs to operations? And how can a small- to medium-sized business (SMB) navigate the sea of solutions that’s as broad in choices as it is deep in technical jargon?
SMBs can begin by raising their awareness of the current and foreseeable landscape. Let’s start with new cybersecurity threats we all should watch out for in 2019.
#1. Pyramid scheme-style ransomware
Ransomware holds data or entire systems hostage until the affected user pays a ransom. The actual malware needn’t be sophisticated, but the attack executions often are. In 2018, cybercriminals typically asked to be paid in Bitcoin, an untraceable currency that lets them cover their tracks. In 2019, we are likely to suffer from their take on pyramiding.
In this scheme, a victim’s files can be released for free, but only if (1) they’re able to spread the ransomware to at least two people and (2) at least two of those new victims pay the ransom. Of course, those people can also spread the ransomware to avoid having to pay. Talk about going viral in 2019!
#2. IoT vulnerabilities
The Internet of Things (IoT) is vaunted to dramatically change lives the way the automobile did in the last century. With devices that talk and interact with one another and their surroundings without human intermediaries, IoT brings about automation innovations such as self-driving delivery trucks, dynamically adjusting thermostats, and security systems capable of directly alerting us or the police.
However, surrounding ourselves with more and more internet-connected devices also means more potential access points for hackers. Think remote-controlled vehicles utilized as weapons, botnets (i.e., networks of zombified computers or “bots”) overwhelming servers, or security cams used as lookouts for thieves.
Governments the world over are introducing regulations that penalize companies for being lax with their customers’ data, but it appears that it’s the tech industry itself that must take the mantle of cybersecurity if IoT is to be fully adopted.
#3. Shift from data theft to data corruption
In addition to stealing data, hackers have begun altering data to compromise its integrity. Scammers, saboteurs, and anarchists can distort stock prices in their favor, alter companies’ databases, poison personal information with reputation-damaging falsehoods, or disrupt data-heavy operations such as traffic control. This type of attack can make people distrust data and cause massive chaos unless data integrity can be ensured.
Mining (i.e., using computing resources to verify transactions on blockchains) is one of the main ways of earning Bitcoin and other highly valuable cryptocurrencies. While profitable, mining requires arrays of computers consuming large quantities of electricity, making it prohibitive. Hackers, in their deviousness, figured out a workaround: hijacking other people’s computers.
Cryptojackers will spread emails containing links that infect computers with cryptomining scripts, or inject online ads or websites with code that auto-executes cryptomining sequences once loaded in people’s browsers. Their malware is difficult to detect and can quickly hijack vast networks of computers.
Cryptojacking software takes processing power away from the computers they run on, leading to noticeable lag. You suffer slower operations and render poorer customer service — and only the hacker gets to profit from the cryptomining efforts you are unknowingly undertaking.
SMBs must be vigilant against cybersecurity threats, wherever they may arise. Talk to our experts to learn more about how USWired can help keep your data safe from hackers and online criminals.