The year 2017 has been an eventful one. With the year almost coming to an end now, we can ruminate about the significant milestones that we have witnessed this year. We, in India, saw the implementation of the much-awaited Goods and Service Tax (GST), the Supreme Court ban on instant triple talaq and the initiation of the bullet train project amongst others. Good things apart, digitally speaking, the year 2017 also witnessed several high-impact cyber attacks all around the globe. From rumors of the US election being hacked doing the rounds, ransomware WannaCry having brought several countries across the globe on their knees to the more recent Equifax hack, this year has seen it all!

Cyber Crimes Are Getting More Sophisticated

Talking about cyber security breaches, this year saw a sharp rise in the intensity of ransomware attacks. In fact, the first half of 2017 reported 4000 ransomware attacks across the globe, each day! With so much progress in the devious world of cyber crimes, one can only begin to imagine what the year 2018 would bring upon us! Following is the list of 5 major security threats that one should expect in the year 2018.

1. The Cloud Is Under Threat

The ‘Cloud’ is the next big thing for organizations looking forward to virtualizing their operations. However, the rising security threats have compelled organizations to create and impose newer regulations on the use of the cloud. This is most likely to affect the working of organizations that depend heavily on cloud-based storage and computing. Such organizations shall be torn between the need to comply with the new data protection/localization requirements and the expectation to execute their routine services at the usual speed.

2. Warning Bells For The Internet of Things (IoT)

The Internet of Things (IoT) has sent the world and digital fanatics into a frenzy with its potential to connect humans, devices and places in real-time. Physical presence is increasingly being complemented with an electronic equivalent, to the extent that there is a whole digital world intertwined with the physical. But the devices that are being used to power IoT aren’t perfectly secured. They have some obvious loopholes which if cracked by cyber criminals would open the doors to a trove of sensitive data. Such breach of security may irreversibly damage an organization’s brand identity and expose individuals to incomprehensible damages.

3. The Ever-Evolving Race Of Cyber Criminals

1 in 131 emails contains a malware. Ransomware attacks rose by 36% in 2017. 230,000 malware samples are created every day. Warren Buffet attributes cyber-attacks to be the biggest threat to mankind, being even more severe than nuclear weapons. These facts and statistics are enough to shout out aloud that the skills and expertise of cyber criminals are on an upward growth trajectory! To top it all, the lack of appropriate laws to control access to sensitive information is making cyber attacks a more lucrative option for causing damage, especially for certain terrorist groups. Thus 2018 is likely to see more development and threats in terms of cyber-terrorism.

4. The Silence Of Cyber Security Researchers

An organization’s cyber security researcher is entrusted with the responsibility to raise an alarm when a cyber threat strikes and make it public. However, software manufacturers these days have resorted to threatening such researchers with lawsuits and other hostile actions to keep their revelations under the cover, arguing that it can make the software developed by them susceptible to hacking. This fear of legal action is sure to silence cyber security researchers but the long-term implications that it shall have on the evolution of cyber security solutions are best left to the future to decide! Customers will soon be at the mercy of software replete with vulnerabilities that the manufacturers chose to hide rather than fix!

5. Impractical Expectation From The IT Department

Cyber crime vulnerability is mostly a result of the lack of preparedness of an organization to handle the unlikely event of a data breach or any other cyber threat. A survey conducted by PwC has revealed that only 37% of organizations have a cyber incident response plan in place! Three in ten have no plan, and of these, about half of the cohort feel that they don’t need to worry about cyber security at all! However, with the rise in the incidents of cyber security breach, board members of most of the organizations are treading more carefully and are setting unreasonable security goals for their information security managers. This is not an ideal approach as a robust security infrastructure cannot be achieved overnight. Plus, it is detrimental to the progress of an organization as it shifts focus from the existing tasks to security management.

Complete protection may not be possible. But prevention surely helps.

While it is not possible for an organization to completely mitigate cyber attacks, it is good to at least start with analyzing their existing threat landscape, identify loopholes and eventually have a robust cyber security management in place. Incognito Forensic Foundation (IFF Lab) based in Chennai and Bangalore in India, provides services and solutions pertaining to cyber security analysis and threat management. They also have a fully equipped digital forensic lab for conducting detailed forensic investigations on a multitude of cyber crimes.