Computer hackers, viruses and malware are at all-time highs worldwide due to a series of recent events.
2016 | The Current Trends in Malware & Digital Security
Malware that targets mobile devices is probably the most prevalent threat in 2016. Android devices are the main targets, but sadly 2015 was the year that iOS devices were discovered to be no longer immune either. Even ones that aren’t jailbroken!
The other major type of threat that continues to proliferate is ransomware. In case you’re not sure, these are viruses that use crypto-locking technology to prevent users from accessing their own data. Or, in a newer twist, ransomware can also be used for extortion.
Today’s ransomware primarily uses Trojans. What’s changed most recently here is the devices that these Trojans target. While computers continue to be targeted heavily, oftentimes now ransomware appears on users’ mobile devices! One can only wonder what’s next…IoT (Internet of Things) devices?
While it’s hard to imagine a scenario in which IoT devices could be attacked with ransomware, what isn’t out of the realm of possibility…and in fact has even happened a few times already…are attacks on IoT devices that take them hostage to become part of a botnet. In case you’re uncertain what a botnet is…it’s when devices are entrapped and made slaves to a hacker who uses their combined strength to attack other victims’ machines. This has happened frequently enough that there’s even been a term coined for IoT slaves…thingbots.
Wired magazine calls 2015 the proof-of-concept year for attacks against IoT devices. Traditional botnets involve computers. When computers are entrapped and forced to work as part of a botnet, they are called zombies. You might wonder why I even know about this kind of thing…because it’s really not something you hear of very often. The reason I do is because it happened to me…or rather to my family. All of the devices on our home network were hacked into and we lost use of them for the periods of time when the botnet controlled them. Botnets are prolific. The reason you don’t hear about them very much is because they are stealthy. They try really hard to keep their presence unknown to their human victims.
They do this by analyzing their victims’ usage and trying to operate when their victims wouldn’t notice. In the middle of the night for example…or when they are on vacation. But the hackers that attacked my family didn’t recognize my tenaciousness to expose their operations and then oust them completely. It took a year and a half for us to figure out what was going on and then to get them out of our devices, our network and entirely out of our home. But we did prevail and learned volumes in the process. But I digress…that’s really a topic better suited to its own post.
The one thing that our situation had going for it that is very different from today is that back when ours occurred, in the 2010-2012 timeframe, IoT devices weren’t yet a factor. But today, every kind of IoT equipment imaginable is at risk, ranging from automobiles and medical equipment to home heating and cooling systems, lighting and even baby monitors! It’s obvious that large-scale service providers like mass transportation services are faced with serious safety concerns. But much smaller-scale services like those used in homes are actually being targeted too.
Therefore, keeping all those devices safe and secure on a very large scale puts a lot of importance on network technology. Even home networks today need to be extremely secure and should include many layers of protection. A secure computing environment in 2016 should begin with a network-wide firewall, which is the gatekeeper that blocks any and all incoming data traffic that’s not specifically allowed, and then go on down the line to protect individual devices with device-specific firewalls as well as software protection suites that include anti-virus, anti-malware and anti-exploit components. This may sound like a lot, but really it’s much easier than it sounds. There are good solutions available for all those aspects…I know because I use them all!
Key Events in 2014 & 2015
Microsoft’s decision to discontinue support for Windows XP in April 2014, and the subsequent discovery of the Heartbleed bug, also in April, set off a new level of public awareness about password safety. Password managing software really came into its own immediately following these two events.
For a great directory of articles, the link below will bring you to Black Hat’s listing of security articles. Black Hat, an international forum for computer security specialists, hosted the annual Black Hat USA Convention in Las Vegas in August 2014.
Link to Black Hat’s news article directory
Links to Security Information in the Digital Age
Many of the following links I culled from Black Hat’s directory and from Google research on recent exploits targeting Windows XP.
This first link below takes you to a blog by FireEye, a security solutions firm that protects businesses ranging in size from small businesses to very large corporations, as well as governments. Their blog has an ‘open source’ attitude of sharing information regarding many types of exploits. The one immediately following brings you to their current blog. One of the top articles provides a good insight into machine language and how it’s utilized in malware.
Link to FireEye’s blog on malware aimed at Android mobile devices
Here are two articles about how USB devices can install malware on your computer without you actually moving files from them to your computer. This is a topic that was presented at the ‘Black Hat’ conference in 2014 in Las Vegas.
Warning to stop using USB devices because the technology is essentially broken
New Flaws in USB Devices Let Attackers Install Malware: Black Hat
Link to an article by ‘Wired’ about how hackers were able to hide money-mining botnets within Amazon’s cloud server.
Networking Resources
Ask Leo.com is a great website for learning all about securing home networks.