2014 was a landmark year for data breaches, due to security attacks on Home Depot, Target, Staples, Sony and many more. But, analysis say 2015 could be even more significant with respect to security and it will not be wrong to say that cyber security will be a hot topic in 2015. According to the 2015 Global State of Information Security Survey (GSISS), conducted by PwC, the CIO and CSO magazines globally:
- The total number of ‘detected’ security incidents in 2014 increased to 48% from 2013, which is equivalent to 117,339 incoming attacks per day.
- The average financial loss from cyber security incidents was $2.7 million – a 34% increase from 2013.
- Losses to companies had also increased to 92% from the previous year, which is a loss of more than $20 million.
- Large organizations detected 44% more security threat incidents this year as compared to last year.
At an October cybersecurity event cohosted by the U.S. Secret Service, the FBI and the Financial Services Roundtable, officials reported that hackers have stolen more than 500 million financial records in the last year.
So after the series of hacks that we have seen in 2014, the important question to ask is, whether or not companies at any level are prepared from cyber-attacks?
Here are few things we believe will have an impact on security in 2015
Politically motivated cyber-attacks will increase: In the last few days there have been several accusations on specific countries for hosting cyber-attacks against businesses. Such attacks are hosted with a goal of embarrassing or discrediting targeted companies and exposing the vulnerability of their digital infrastructure. This trend will continue in 2015 and result in data leak.
Advanced Persistent Threats (ATP): Advanced Persistent Threats, where attackers select a specific target, will play a big role in the upcoming year. Sophisticated APT tools, tactics and procedures will be used by attackers to target users, same like the new BlackEnergy campaign or the Windigo Operation.
Point of Sale Attacks: POS (Point of Sale) intrusion attacks have become a major trend over the last year. These attack showed the real threat that POS based devices can pose to the retail marketplace. In 2015, small businesses will be specifically vulnerable to these threats, and therefore it will become even more significant to strengthen the system’s security.
Attacks on online payment systems: With the growing use of online payment systems, attacks on it will also increase. Cybercriminals will increasingly target online payment systems in 2015 and try to ruin the financial transaction security. But for now, cybercriminals will continue to target traditional credit and debit cards, as they are the easy targets.
Attacks on Android devices: In 2014 we saw multiple new attacks on Android devices, which is predicted to be increased in 2015, especially with the continued rise in BYOD (bring your own device) policies in organizations. In 2014, internet privacy and Android malware were in prime focus and it is predicted to bring more sophisticated threats in 2015 as well.
Attacks on Apple products: With 2014 seeing attacks on the Mac OSX operating system along with new set of malware targeting the iPhone, it is predicted that cybercriminals will host attacks against Apple products in 2015. IOS platforms such as iPhone and the iPad will continue to see new malware.
Attacks on Internet of Things: Manufacturers of Internet of Things (IoT) devices in 2014 have failed to implement basic security standards and this will continue in 2015 as well. As a result attacks on IoT devices are likely to increase. Hence, IoT devices need to be built with greater security in mind, particularly given the amount of personal data they store and transmit.
So, the bottom line is:
2014 has been the year of data breach and sophisticated attacks and this will continue to worsen in 2015. To protect business and individuals from such attacks, organizations must deploy effective security technologies to ensure complete data protection from external threats and to avoid terrible security incidents that can harm reputation, customer loyalty and revenue.
About eScan: eScan, one of the leading Anti-Virus & Content Security solutions for Desktops & Servers is developed and marketed by MicroWorld. It is powered by innovative and futuristic technologies, such as MWL Technology, DIRC Technology, NILP Technology, and sophisticated Anti-Virus Heuristic Algorithms that not only provides protection from current threats, but also provides proactive protection against evolving threats.