Mobile and PC hardware manufacturers at last months’ Consumer Electronics Show (CES) were falling over themselves to show their new cross-over devices (a device that’s not only suitable for home, but also built to be used at work).
The increasing shift towards BYOD (Bring Your Own Device) is allowing businesses to be more flexible and produce better applications. But there’s also a growing number of people who are viewing the BYOD opportunity as a way of attacking the corporate network – McAfee saw the “number of mobile threats go up dramatically” in 2012.
How to keep one step ahead of the hacker
The threats to the BYOD market are just the tip of the iceberg. When it comes to new hacking exploits there are also an ever-increasing number and sophistication of new threats from social networks, malware, rootkits and more that can impact your business in 2013.
So to help you keep ahead of the hackers, we’ve compiled a list of the top eight new threats that you may face in 2013
1. Bring Your Own Malware
Allowing employees to access their networks from their smartphones and tablets – alongside BYOD policies – can help improve business efficiency. But it also opens up a potential new gateway for hackers, and many experts have already started to declare 2013 to be the year that mobile device malware makes its presence felt in a big way.
Devices that are likely to be hardest hit are those running the Android Operating System, due to its openness and the relative ease of adding apps to the various Android app stores.
This is malware that hijacks a computer, and then holds its content for ransom – this increased three-fold on Windows PCs in 2012, and it’s a trend that’s set to continue into 2013. Experts predict the strategy will expand to mobile devices as well as continuing on the desktop.
3. Diversification of rootkits
To counter the increasing effectiveness of anti-virus and anti-malware software, hackers have moved their concentration to the less-protected BIOS and Master Boot Loader levels. Expect more rootkits to appear before the door is closed, with the combination of the new Unified Extensible Firmware Interface (UEFI) BIOS replacement and greater low-level security in Windows 8.
4. Phishing and other schemes
Out-of-the-box security features built-in to Windows 8 are making it harder for hackers to gain control of PCs. So they’ve shifted their attention to tried and tested phishing, and other social engineering techniques, which rely on the consumer or business user doing their work for them.
5. Destruction-oriented attacks
While many hackers are motivated by greed, there’s an increasing number who are motivated by politics – and their strategy is not to hold to ransom, but to destroy. Either as an act of “cyber war” or simply for the pleasure of doing something destructive.
6. HTML 5
The latest HTML standard allows users to personalise their browsing experience, and for businesses to be able to build powerful browser-based applications. Unfortunately, in reducing and eliminating the “layers of technology” between the web browser and internal systems, it also opens up some new and seductive opportunities for hackers to exploit.
7. Hacking as a service
Hacking as a service gives any user a suite of sophisticated online tools that allow anyone to hack – even those who don’t know how to program – and could do for hacking what Visual Basic did for programming,
8. Social networking cyber threats
As businesses become more involved with social networking services such as Twitter and Facebook, more and more hackers and activists will begin to exploit the networks. It’s an open gateway to personal and business data, either through phishing and social engineering threats, or via malware in social applications.
How can you protect yourself?
So what now?
While all this sounds ominous, there are remedies. For example, greater password security, restrictions on network access, firewalls and if all else fails, an abundance of redundancies.
However the majority of these remedies are there to simply plug holes and gaps in the software and hardware that are largely created by the businesses themselves, either because of bad initial design, or a lack of a proper security testing.
The best way to prevent hackers from succeeding is to rely on people with comparable or greater expertise, to help in the design of new applications and to help test applications and systems thoroughly, and that’s where the Certified Ethical Hackers comes in.
The Certified Ethical Hacker has all of the skills of an unethical hacker – and more – and applies those skills to creating solid and secure systems that are tried and tested. So the next time a malicious hacker embarks on his illegal, immoral and sociopathic journey, he will face a new adversary, a human one.