The fight between cybersecurity and cybercrime seems to be never ending, especially as more and more people rely on technology to manage their daily lives.
By the time a solution is finally found and an issue patched, cybercriminals have found another issue to exploit, and the cycle begins again.
2016 saw the release of major technological advancements both in hardware and software but, as more and more individuals and businesses relied on technology, more hackers also chose to use their skills to victimize and exploit.
Now that the year is closing, experts are weighing in on which forms of cybercrime were committed the most. Ajay Kumar breaks them down into three categories: Ransomware, IoT hacking, and lawful hacking.
Ransomware is a cybercrime wherein hackers take over an information system, lock out the rightful owners then demand a certain sum for it to be released. It is like digital kidnapping, only with information instead of people.
“We’ve begun noticing that ransomware has been focusing on small and medium businesses for the past year, as they’re more likely to pay larger ransomware fees than the average user,” Bitdefender senior e-threat analyst Liviu Arsene said.
One such instance is the attack on the Hollywood Presbyterian Medical Center in Los Angeles, California wherein the hospital experienced network access and electronic communication issues. Not only that, the hackers encrypted many files in the hospital’s system forcing employees record everything manually-with pen and paper-until the hospital gave in and paid the $17,00 ransom the hackers demanded to free its own system.
Crypto-ransomware-the malicious program that allows hackers to encrypt files-also saw a rise in 2016.
Internet of Things (IoT) Hacking
Most readers would probably be familiar with the concept of the IoT but, for those who are not up to speed, the IoT is basically how electronic and digital devices are all interconnected. This is much like how a mobile phone can communicate with a garage door or a home security camera.
Since many, if not most, devices are connected to each other now, the effects of hacking has become more massive, just like how the attack on Internet Service Provider (ISP), Dyn, created huge problems for its users and the companies that rely on it to keep their information secure.
A threat to the IoT can also mean scary times ahead for individuals whose lives rely on electronic and digital devices. Just imagine a hack that could endanger the lives of people aboard an autonomous car or a secure building unless ransom is paid or the hacker is content.
“[We] have been shown just how vulnerable the internet, which is now an integral part of the critical infrastructure of the US and many other countries, is to disruptive abuse conducted at scale […] Until this vulnerability is addressed, it will cast a serious shadow over the future of connected technology, a future in which much hope and massive resources have already been invested.” Stephen Cobb from the ESET Security Company said of the Dyn attack.
Notice the term “lawful” in this cybercrime and think back to the time the Federal Bureau of Investigation (FBI) were practically demanding Apple to give the bureau a way to access information on the iPhone after the San Bernardino shooting happened.
Businesses, citizens and the government were split on the issue because, while it may help some put some cases to rest, there is really no certainty that the government would stop at one case and Apple rejected the FBI’s demand for a backdoor. In the end, the FBI paid professional hackers to unlock the shooter’s iPhone and access the encrypted data.
Hopefully cybersecurity experts will be two steps ahead in 2017.