2016 was yet another eventful year in the world of cyber-security. Many companies felt the damage to both finances and reputation that comes with an attack. As another year begins, leading security companies have begun to predict the nature of cyber-attacks in 2017 and the steps that businesses can take to protect themselves.
Advanced Persistent Threats are highly individualised and targeted viruses. Their goal is to gain access to a network and stay there undetected whilst harvesting information. Because of their covert and unique nature, they often don’t carry the Indicators of Compromise present in standard malware, making them difficult to spot.
The threat from APTs will continue in 2017 and it’s vital that businesses are protected. A comprehensive managed security package will monitor and scan your systems for threats and take a holistic view of your environment to ensure you’re covered at all possible points of entry.
Mobile devices are so integral to our everyday life now, it’s not surprising that hackers are dedicating time and resources to this area. Mobile malware will continue to rise in 2017 and needs to be considered as part of any security audit. There are a number of direct threats; vulnerable mobiles can be used as spying platforms or financial information can be stolen. Additionally, mobiles now play a role in many two-factor authentication security processes and a compromised device can give hackers access to many other systems. Similarly, mobiles offer a possible route into corporate networks and companies need to ensure their employees are as vigilant on a mobile device as they would be on a PC.
Internet of Things
The ‘Internet of Things’ has been the buzzword of choice for some time in the technology world. It refers to the idea of a connected home, a series of so-called ‘smart’ consumer electronic devices. The industry is still defining itself but the concern from a security standpoint is that as manufacturers rush products to market to catch early adopters, vulnerabilities are missed. This could predominantly be a consumer issue but as more employees use personal devices and home networks for business purposes, it’s something for companies to keep in mind. It’s tough to define exactly what the threat could be at this point, but it’s a definitely a ‘watch this space’ topic for 2017.
Ransomware is the term used to describe malware that blocks access to your system until a demand for payment is met. In a recent report, business continuity vendor Datto found that the threat from this will be bigger than ever in 2017. For the full report, click here.
Whilst a ransomware infection obviously has financial repercussions, most hackers in this space have historically been true to their word and restored access once the ransom has been paid. Worryingly, some security experts have predicted that in 2017, less sophisticated hackers will produce so-called ‘Skiddie’ ransomware that simply deletes files and offers nothing back upon payment. More details on ‘Skiddie’ ransomware and other threat predictions can be found here.
The consensus at Datto is that ransomware is still the big concern for small businesses in 2017. 97% of IT service providers reported that ransomware attacks on small businesses are becoming more frequent. The most common strain is CryptoLocker, and 95% of the providers surveyed advised that they had customers who had contracted this variant. Businesses can minimise the risk and impact by educating employees; the majority of ransomware attacks begin with a ‘phishing’ email.
Covering Threats on all Fronts
Air-IT know that the cyber-threat landscape is ever-evolving and it’s not possible to guarantee complete protection. However, a recent government report stated that 65% of large firms experienced a breach or attack in 2016, so clearly it’s an issue that needs to be taken more seriously.
The complex nature of modern cyber-attacks makes it necessary to take a layered approach to your IT security. At Air-IT, we can give advice on the best way to secure your environment. This may include solutions on the endpoint, email and web filtering, patch management, firewalls and more.
Additionally, specialist tools can help to protect you against specific threats. Air-IT have recently launched a tool that allows us to detect, limit and block the spread of ransomware. This is something we now auto-deploy to new customers as standard. Find out more about this by clicking on the button below.Air-IT Launch New Ransomware Tool
For businesses with remote workers, we also recommend using OpenDNS.
Open DNS is a web-based network security solution which manages your devices, wherever they may be. As well as protecting your devices from malware, including ransomware, it also allows you to enforce web content policies and monitor employee usage.
Backup – The Final Piece of the Puzzle
When it comes to security, prevention is better than cure. Since absolute protection cannot be guaranteed, it’s vital to have a contingency, were the worst to happen. A comprehensive backup plan forms part of any good IT security strategy. This gives you the peace of mind that you can get your business-critical systems back online quickly, in case of disaster.
Cyber-security should continue to be a high priority for business owners and senior managers in 2017. Threats are growing in sophistication and the impact to businesses can be devastating. There are steps that you can take to mitigate the risk. Partnering with a security expert, such as Air-IT, is a great start.
We work with industry-leading experts in the fields of threat management, backup and business continuity. Our team are fully accredited with vendors such as StorageCraft, Datto, Sophos, Cisco, Webroot, Mimecast and OpenDNS.
Air-IT’s Chief Technology Officer, Sam Reed comments:
It’s becoming harder for businesses to manage the risk posed by cyber-threats and 2017 will be no exception. At Air-IT, we can help you to make sense of the noise and establish a comprehensive cyber-security strategy to help safeguard and prevent potential breaches on your systems.
Air-IT is an award winning, Nottingham-based technology provider. We offer a full range of outsourced IT and communications services to businesses in the Midlands and nationwide.
Need help with your IT Security?
If you need more information or advice on your ICT, cyber-security or perhaps need help recovering from a cyber-attack, then please do not hesitate to contact us on 0115 880 044 and we will be more than happy to help.