TALKING BUSINESS
HOLDING SECURITY RANSOM
ESET has released a report with eight researchers examining the speed at which new technologies emerge and attack surfaces widen. In this context, ESET considers where security risks will migrate and what companies, experts, governments and users can do to face them.
An overview of the cyber security landscape for 2017 If 2016 was the year of ransomware, 2017 could perhaps be the year of jackware, as Stephen Cobb suggests. It means that this could be the year in which the ruthless threat of ransomware migrates to other platforms beyond computers and smartphones, whose primary purpose is not data processing or digital communications. Connected cars, as in the situation above, are an example.
However, smart devices will not be the only viable targets acquired through the internet: attackers will surely use it to probe critical infrastructure and will continue to look for ways to cause damage, deny service, or hold data hostage. Attacks on critical infrastructure, which Cobb and Cameron Camp analyze in a section of the report, relate to the compromise of data and services that are essential for systems related to physical, economic or national security. In short: those vital for the everyday stability and development of a society.
And if we talk about things that are vital, what could be more important than protecting the systems that support the functioning of the healthcare industry? As it becomes increasingly computerised, more practitioners and patients are using internet-connected medical and fitness devices that are full of sensitive information. However, security and privacy are often an afterthought, explains Lysa Myers in her section, indicating that the future of healthcare will possibly continue to bring significant challenges.
There is another sector where device integration is increasingly common: videogames. Cassius Puodzius describes the potential risks of integrating consoles with computers, in a system that is increasingly internet-dependent and could lead to the exploitation of vulnerabilities, or malware infections aimed at stealing personal, financial and even the game play information of gamers.
It is true that the exploitation of vulnerabilities will continue to be an important attack vector, just as it has always been, but we should not lose sight of the trend in this regard. Lucas Paus points out that although the number of vulnerabilities reported in 2016 does not yet equal the number recorded in 2015, nearly 40 % are critical – and this is a larger proportion than in previous years. So why are there fewer flaws reported, but more of them proving critical, and what does this mean? In this section,
28 INTELLIGENTCIO www. intelligentcio. com