“Chance favors only the prepared mind.”

- Louis Pasteur

Top 10 Cybersecurity Threats

Ransomware is not a new threat; in fact, the first attack took place back in 1989.  Cybersecurity analysts have stated that in 2020, there were 304 million ransomware attacks worldwide.  Their predictions are even more concerning for 2021 with an estimated $20 billion in damages.  A ransomware attack when a cybercriminal attaches malicious software on files and prevents the victim from accessing those files and threatens to publish the content of the files unless a ransom is paid. In 2020, the largest ransom amount was paid out in July of 2020 in the amount of $4.5 million.  Unfortunately, the payout amounts are increasing drastically.  In July 2021, the highest requested payout amount reached $70 million.  Cyber Protection Services has stayed up to date on all the ransomware trends and has experts ready to prevent and defend against these vicious attacks and save your organization potentially millions of dollars in damages and payouts. (Backlink to services page)

In our digital world, being able to connect to as many devices as possible makes cleaning, shopping, exercising, listening to music, and even interacting much more convenient in our personal lives.  Businesses also use this advancing technology.  Smart locks, thermostats, security cameras, and lights are just a few of the connectable devices that create a much more comfortable and accessible work environment.  The Internet of Things (IoT) provides both businesses and homes with a wide array of smart devices and tools that are used to simplify daily tasks and increase productivity.  However, this incredible digital technology also opens the doors for digital attackers.  These smart devices and new technologies are being produced at an incredible speed. Reportedly, there will be an estimated 35.82 billion devices installed in 2021 and by 2025 an estimated 75.44 bullion installed devices. To keep up with the growing demand, developers and security experts are unable to provide the security these devices need to safeguard them.  Digital hackers see this as a vulnerability and use it to their advantage. This means the smart speakers, robot vacuums, smart watches, connected refrigerators, security cameras, and many more devices that make daily life much easier are at an elevated risk of being compromised.  

In 2020 and 2021, the appearance of the workforce has shifted drastically.  While many organizations normally had most of their employees working in-person, the introduction of Covid-19 shifted how companies approached safely retaining their employees safely during a global pandemic.  The solution many companies adopted was to have their employees work from home to help reduce the risk of exposure.  Before Covid 19 so greatly impacted the workplace structure, 20% of employees worked from home.  During the pandemic, an incredible 71% of employees transitioned to being remote workers.  It is estimated that once the pandemic restrictions are lifted, there will still be approximately 54% of employees who want to continue working remotely.   There is an elevated security risk for companies when they have employees working from home.  The beginning of the remote work transition happened to quickly that employees had to use their own personal computers (PC) versus a company provided machine.  This means employees were using PCs that did not have the same securities in place necessary for the storage and transmission of company data.  When businesses were able to provide secure machines to their remote employees, approximately 50% of remote workers said they use their company provided machines and devices for personal use (including streaming, online gaming, non-work-related web searches, and allowing their, now homeschooled due to the pandemic, children to use the machines).  Using business devices and machines for personal while remote working has created a concerning rise in the amount of cybersecurity issues companies have to deal with. Cybersecurity teams and IT specialists are presented with a larger challenge when it comes to keeping their organization safe.  

A growing and complex threat in the cybersecurity realm is the use of deepfake and synthetic technology.  Before it was called ‘deepfake”, the very beginnings of this technology began in the 1990s when programmers created a software called Video Rewrite Program.  The purpose of this innovative software was to produce synthesized facial animations using an audio output.  The initial videos created using this technology were convincing, but even the untrained eye could spot the discrepancies.  Over the years, however, this technology has been refined. The videos produced using synthesized animation software have become increasingly convincing.  It has even been used in the entertainment industry for many years.  The technology is evolving drastically, and the impact is reaching beyond the entertainment industry.  Programmers can now synthesize voices and facial mannerisms to create not only video but voice audio impersonations as well.  The deepfake technology became mainstream in the world of politics in 2017 and it did not stop there.  Cybercriminals use this technology to deceive individuals and businesses alike, they are posing as important figures – CEOs, politicians, family members, etc. to scam money from their victims.  This growing threat has the potential of causing serious damage in the world of cybercrime.

It is estimated that 43% of smartphones/tablets do not have passwords.  This allows anyone to access and exploit personal private data.  Exploits can even be hidden in legitimate applications downloaded to the smartphone.

Cards that contain the new smart chips are vulnerable to “Card-not-present” fraud that is exploited online.  This type of fraud has been seen in other countries that use this technology.

Certain sophisticated malware and virus software have shown they have the ability to install a backdoor onto a computer without alerting the antivirus software.  This will allow a hacker to gain remote access to a computer and extract any data that is valuable. 

Cyber criminals have been using social media to track their victim’s movements in order to exploit their vulnerabilities.  If for example, you tweet that you are heading to Florida with the whole family, then the criminal following you knows that your home is empty. 

Data can be changed easily by the user of the data.  The number of incidents of outside users manipulating and changing data is on the rise.

Software that allows you to access video or music content across the globe can create a huge opportunity for a hacker to gain access to more than just your “piano playing cat” videos.