This appeared a few days ago.
Six Cyber Threats to Really Worry About in 2018
From AI-powered hacking to tampering with voting systems, here are some of the big risks on our radar screen.
- by Martin Giles
- January 2, 2018
Hackers are constantly finding new targets and refining the tools they use to break through cyberdefenses. The following are some significant threats to look out for this year.
More huge data breaches
The cyberattack on the Equifax credit reporting agency in 2017, which led to the theft of Social Security numbers, birth dates, and other data on almost half the U.S. population, was a stark reminder that hackers are thinking big when it comes to targets. Other companies that hold lots of sensitive information will be in their sights in 2018. Marc Goodman, a security expert and the author of Future Crimes, thinks data brokers who hold information about things such as people’s personal Web browsing habits will be especially popular targets. “These companies are unregulated, and when one leaks, all hell will break loose,” he says.
Ransomware in the cloud
The past 12 months have seen a plague of ransomware attacks, with targets including Britain’s National Health Service, San Francisco’s light-rail network, and big companies such as FedEx. Ransomware is a relatively simple form of malware that breaches defenses and locks down computer files using strong encryption. Hackers then demand money in exchange for digital keys to unlock the data. Victims will often pay, especially if the material encrypted hasn’t been backed up.
Some politicians want to make it legal for individuals and companies in America to pursue digital assailants.
That’s made ransomware popular with criminal hackers, who often demand payment in hard-to-trace cryptocurrencies. Some particularly vicious strains, such as WannaCry, have compromised hundreds of thousands of computers (see “The WannaCry Ransomware Attack Could’ve Been a Lot Worse”). One big target in 2018 will be cloud computing businesses, which house mountains of data for companies. Some also run consumer services such as e-mail and photo libraries. The biggest cloud operators, like Google, Amazon, and IBM, have hired some of the brightest minds in digital security, so they won’t be easy to crack. But smaller companies are likely to be more vulnerable, and even a modest breach could lead to a big payday for the hackers involved.
The weaponization of AI
This year will see the emergence of an AI-driven arms race. Security firms and researchers have been using machine-learning models, neural networks, and other AI technologies for a while to better anticipate attacks, and to spot ones already under way. It’s highly likely that hackers are adopting the same technology to strike back. “AI unfortunately gives attackers the tools to get a much greater return on their investment,” explains Steve Grobman, chief technology officer at McAfee.
An example is spear phishing, which uses carefully targeted digital messages to trick people into installing malware or sharing sensitive data. Machine-learning models can now match humans at the art of crafting convincing fake messages, and they can churn out far more of them without tiring. Hackers will take advantage of this to drive more phishing attacks. They’re also likely to use AI to help design malware that’s even better at fooling “sandboxes,” or security programs that try to spot rogue code before it is deployed in companies' systems.
More here including the other three major threats:
What can I say but ‘be careful out there”!
David.
No comments:
Post a Comment