Hackers eye new targets in new year

Experts weigh in on the cyber security issues that are expected to worsen this year

Technology can unlock new business potential, but it can also pose greater cyber security threats, cyber security experts have said. They predict what will happen in the field this year:

IOT: TARGET OF ATTACK

The Internet of Things (IoT), which refers to devices and networks being connected to allow them to collect and share data, is expected to have about 1.8 billion consumers devices by 2019, according to the McAfee Labs 2017 Threats Predictions report.

These devices will be a target for cybercrime, especially as people place huge trust in third-party vendors being safe, said Mr Sean Duca, Palo Alto Networks vice-president and regional chief security officer for Asia-Pacific.

"These endpoint devices provide thousands of potential entry points to an organisation's network," he said.

For example, an attacker can turn up the heating in a company's server room or data centre, causing the hardware to overheat and therefore disrupting the business, its customers and its partners.

"Organisations need to (learn) their potential weak spots through third parties as well as their own networks.

"Additionally, they need to put a plan in place that would help counter any potential attacks," he said.

ARE SMART HOMES SAFE?

It is not just businesses that need to worry, particularly with the growth of smart homes around the world.

Even though the market for smart homes is growing, the products for them are still in the early stages of development and could be vulnerable, said Mr David Freer, vice-president of consumer Asia Pacific at Intel Security.

For example, home IoT device-makers rely on third-party code libraries to shorten the development process and reduce costs, he said.

That can lead to cyber attacks by malicious code via the third-party libraries.

To protect your smart home, change your password frequently, regularly update the software, and be mindful about who is connected to your network, he said.

Last April, Yuhua became the first estate here to roll out smart home packages, which included one that monitors the use of energy and water, and allows appliances to be switched on and off remotely.

RANSOMWARE TO GROW

Mr Duca said he expects more cases of ransomware, which is the leaving of users' PCs and even company servers locked down by attackers in exchange for monetary ransom.

The Straits Times reported that Singapore ranked 42nd globally in terms of ransomware by destination, with 16 total attacks a day and a total of 5,767 attacks last year.

"If the discovery of Locky ransomware (a major strain of ransomware) was anything to go by, financial malware will continue on an upward trajectory (this year)," said Mr Duca.

But Mr Freer said anti-ransomware initiatives and improved cyber enforcement will lead to fewer cases.

DDOS ASSAULTS TO RISE

Last October, StarHub's home broadband network's Domain Name Servers came under a distributed denial of service (DDoS) attack, which resulted in two major disruptions.

A DDoS attack works by getting thousands of infected computers to overwhelm a target site, which then cannot cope with the spike in traffic.

Neustar's Asia Pacific general manager Robin Schmitt said DDoS attacks will only get more complex and ferocious.

He urged companies to invest in proper technology and services to combat such attacks or risk suffering significant loss.

"In the world of DDoS defence, having the wrong solution or inadequate capabilities can be the difference between reading the news and making the news," he said.

rloh@sph.com.sg

This article was first published on Jan 9, 2017.
Get The New Paper for more stories.