This was a banner year for cybercriminals. Massive data breaches, ATM skimmers and malware attacks dominated the headlines throughout the year.
No matter which type of attack the scammers use, their final goal is always the same. To steal our personal information and our money.
With 2016 winding down, we're going to take a look ahead to next year. Here are three of the top cybersecurity threats to watch out for in 2017.
The leading cybersecurity threat in 2016 was ransomware and we expect it to be just as rampant next year.
Ransomware isn't a new thing. It's been a serious concern since a virus called CryptoLocker arrived at the end of 2013. However, it is still a serious threat and getting worse every year, especially since hackers can now get it for free to modify as creatively as they want.
As you probably know, ransomware encrypts your files so you can't open them, and the only way to get them back is to pay a ransom. It's become such a serious problem that the FBI is asking victims to help them track down the scammers.
Ransomware isn't just a worry for individual computers. It can lock up files on a network, which means one infection can bring down an entire company. It's also possible to get it on smartphones and tablets via a malicious text, email or app.
Fortunately, it isn't all doom and gloom. Ransomware still needs your help to install. If you avoid falling for phishing emails with malicious links or downloads, you can keep ransomware off your gadget.
You can also take the precaution of backing up your computer files regularly. That way, if your files do get locked, you can wipe your drive and restore your files. Learn more ways to keep ransomware off your gadgets.
2. DDoS attacks
A new era of cyberattacks is upon us. Now, seemingly harmless everyday appliances like printers, digital video recorders, webcams, thermostats and routers are being utilized as minions in Distributed-Denial-of-Service (DDoS) attacks against websites.
DDoS is an attack where a targeted website is flooded by an overwhelming amount of requests from millions of connected machines in order to bring it down. Traditionally, these attacks are launched from compromised computers and mobile gadgets collectively nicknamed a "botnet."
However, recent DDoS attacks on a security blogger's website and French website host OVH reveal that now it's not just computers that are being utilized as botnets. Even Internet of Things (IoT) appliances are fair game.
This means unsecured routers, printers, IP web cameras, DVRs, cable boxes, connected "smart" appliances such as Wi-Fi light bulbs and smart locks can be hijacked and involved in cyberattacks without the owner knowing about it. To remain unnoticed, compromised appliances could be sending out small trickles of data to make the attack discrete. Multiply that by millions and what you have is the perfect DDoS attack vector.
How serious is this? The recent attacks are reported to be the largest targeted DDoS attempts ever, with a sustained data stream of 620 Gbps and even reaching data rates of over a terabit per second, all accomplished by enslaving connected Internet of Things appliances via a trojan program infection.
Alarmingly, the source code for this smart appliance trojan program, named Mirai, has been published online for everyone to see. This means we will be seeing more of these attacks in the future and securing these connected appliances is more vital than ever.
Mirai is said to compromise about 380,000 connected appliances a day. Thankfully, after the recent DDoS attacks, internet service providers started to block infected devices and the rate of infections has been dropping.
One peculiar thing about smart appliance infections is that they clear out after a reboot because the malware only resides in temporary memory. To maintain a large botnet capable of launching a massive DDoS attack, hackers need to infect and reinfect new appliances every day.
The common vector for these smart appliances is open public ports. These are used by Internet of Things appliances so they can be accessible away from home. Hackers usually scan for open and exploitable ports remotely and this is how they locate targeted appliances.
Another reason why these attacks are gaining popularity is due to the fact that consumers assume that these are merely plug-and-play appliances. Usually, we set them and forget them and security is an afterthought. These recent attacks have changed the game for consumers and manufacturers alike.
How can you tell if your appliance is hacked?
As I mentioned earlier, these attacks were designed to have appliances like printers, routers, webcams, etc. to only transmit small amounts of data to aid in DDoS attacks so identifying which devices are compromised is tricky.
You may notice a slower than usual internet connection. Keep your eye out for unusual video or music streaming, buffering, or slow web browsing. You can also try a network analyzer like Fing to monitor your connected devices and open ports. Most routers have data packet analyzers and logs accessed by logging into the administrator page and checking if there are IP addresses that are transmitting unusual amounts of data.
Protect your appliances
Since these Internet of Things appliance infections only reside on temporary memory, the first thing you have to do is reboot the device to clear out the malware.
If you are checking your router, IP webcam or connected printer, it is important that you change the default administrator username and password. Do this by accessing the appliance's hub (usually through a webpage or a smartphone app). If your smart appliance connects via the manufacturer's website, make sure your password for their site is complex and unique.
Next, check for firmware updates. Now, with these attacks out in the open, manufacturers will start issuing security patches to prevent such infections. It's important to keep your firmware always up to date. If your gadget does not automatically fetch firmware updates, make sure to manually check at least every three months.
Some routers have some firewall functionality too. In your router's administrator page, look for settings named "Disable Port Scan" and "Enable DoS Protection" and make sure you turn these on.
As evidenced by these recent attacks and techniques, in this increasingly connected world, the more our homes become "smarter," the more we have to be smarter about our homes.
We heard a lot about fake news spreading like wildfire across the internet in 2016. It was especially bad leading up to the presidential election.
There was so much fake news showing up on Facebook and Google that the companies started cracking down on sites that promote it. However, news isn't the only fake thing you need to be worried about.
Cybercriminals are now creating fake websites intended to look like the real deal. It's a practice known as typosquatting.
What scammers are doing is securing URLs that are similar to the real ones. For example, instead of youtube.com they could create a URL of yootube.com, slightly misspelling the original.
They're looking for victims who type the address of the site they want to go to incorrectly, taking them to the fake site. The criminal sets the counterfeit site up to look very similar to the real one, hoping to get you to enter your credentials. In some cases, the phony sites are a base for distributing malware.
Essentially this is a sneaky version of a phishing scam. The criminal waits for someone to land on the fake site to steal their personal or financial information.
Avoiding phishing attacks
Criminals are always trying to stay ahead of the curve, delivering malicious links in numerous ways. Here are some things you can do to avoid being a victim of phishing scams:
- Be cautious with links - If you get an email or notification from a site that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser than clicking on a link. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
- Double check the URL spelling - When typing a URL into your browser, take the time to verify you're spelling it correctly. With typosquatting, misspelling a URL could lead to a phishing scam.
- Watch for typos - Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Before clicking on a link, hover over it and check for spelling. The safest move is to type the URL into your browser, with the correct spelling of course.
- Use multi-level authentication - When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts.
These were just a few cybersecurity threats that we're expecting to see in 2017. Of course with scammers always finding new ways to rip us off, we're sure to see some new attacks next year. Keep checking in with our Happening Now section and we'll let you know about all of the latest scams.