eScan Advisory on Evolving Cyber Threats

Remember Ashley Madison hack? More than a million users personal and financial data were compromised making it the biggest in the industry and one of the most devastating security breaches of 2015. Scammers took the advantage of this opportunity and eScan research team in a startling investigation found that cyber-criminals used various means of extortion techniques, fake promises and emails mentioning about the infidelity website to target the people affected by the breach.

What’s happening?

Trust, Internet scammers make the best out of other Internet Scams and with the evolvement of technology, cyber-crooks are leaving no stone unturned to exploit the technology trends such as Cloud Computing, Internet of Things (IoT) and Big Data so as to con the victims and business organizations.

Cloud computing is where software applications, data storage and processing capacity are processed over the internet. It is accepted as a more secure and advanced means of data storage, that can share processing power with computing. Today it continues to be a hot topic where internet presents ongoing security concerns such as data breach, data loss, malicious insider etc.  Data breach results in Data loss or Data leak and it can take place either inside or outside organization.

Big Data, literally just a lot of data, is the new trend. Being an emerging technology, it contains issues such as Privacy. Unauthorized access control policy to big data will lead to risk of loss and theft. Therefore it is advisable to make sure Big Data is available to legitimate users who have a business need.

What to do?

eScan Corporate products support Role based administration through its management console. It enables you to share the configuration and monitoring responsibilities for your organization among several administrators. Using this feature one or more senior administrator can have full configuration privileges for all computers while one or more junior administrators can have less configuring and monitoring authority over group of computers allocated to them. You can assign administrators with pre-defined roles, each with its own set of rights, permissions and groups. eScan forecasts that cyber-criminals will access to big servers process big data for information like Credit Card details and log files.

IoT is the new ingredient for hacker to carry out attack.  Gartner has predicted that by 2020, more than 25% of identified enterprise attacks will involve IoT, though IoT will account for only 10% of IT security budgets. Recently a massive cyber-attack was carried out on popular websites such as Twitter, Reddit etc.  This was due to DDOS attack on Dyn, DNS host. The DDOS attack was carried out with with a help of an IoT botnet called Mirai, which targeted Dyn which in turn affected Twitter/ Reddit etc. Botnet allows hackers to take control of many computers at the same time and turn them into zombies or bots. Research on Mirai revealed that it was destined to scan the Internet for poorly secured products such as Routers, IP Cameras and then access them through guessable passwords like “admin” or “12345”.

This entry was posted in eScan 11, eScan 14, MailScan, Security and tagged , , , , , , , , , , , , . Bookmark the permalink.