Cyber Threats in 2016: Here’s where the danger lurks
Banks, companies, governments and private individuals – they were all affected by cyber threats in 2016. The DDoS attacks unleashed through devices belonging to the Internet of Things were particularly concerning. The attacks on the website of the journalist Brian Krebs at 620 gigabits per second, on OVH at one terabit per second and on Dyn at 1.2 terabits per second set new records. In this article, COMPAREX sums up the biggest cyber threats of 2016 and explains what we can learn from them for 2017.
An article by the COMPAREX Blog Editorial Team
DDoS attacks were among the top cyber threats in 2016. A denial of service means that one component in a data network (e.g. the server) becomes overloaded and therefore blocks the whole system. If a larger number of systems cause the overload, this frequently indicates that an attack is under way, which is called a distributed denial of service (DDoS). The record DDoS attack on the DNS provider Dyn did allow some conclusions to be drawn. It appears that the attackers linked devices belonging to the Internet of Things to form a botnet. This huge network of "slave" devices such as IP cameras, baby monitors, refrigerators and coffee machines – all of them hooked up to the Internet and each with their own significant security vulnerabilities – allowed the hackers to seize almost unimaginable resources. This was enough to take down Dyn, and with it even prestigious companies like Amazon, Airbnb or PayPal. Supposedly, the hacktivist groups Anonymous and New World Hackers used the attack as revenge for the Internet exile of WikiLeaks founder Julian Assange. Soon afterwards, the following message was posted on the WikiLeaks Twitter account: "Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point."
Internet of Things
The release of the Mirai malware at the start of October took the spiraling threat posed by attacks to a new level. This software scans devices belonging to the Internet of Things for weak passwords and incorporates them into a botnet. The risks posed by security vulnerabilities in simple devices were neglected for a long time. For instance, Verizon wrote in its 2015 Data Breach Investigations Report: “Don’t waste your time worrying about mobile and IoT when it comes to data protection priorities.” Verizon claimed that malware is more prevalent on other platforms than mobile devices, and that the focus should be placed on the at-risk areas. Moreover, the reports concentrate mainly on companies that are looking to protect their data. But what can consumers do if their coffee machine brews a hot beverage at 7 am, the fridge asks about milk supplies at 7:10 am, and they then join forces five minutes later to unleash an attack on a company? Might companies therefore be exposed to the risks lurking in IoT devices? Yes! The Federal Office for Information Security in Germany (BSI) warned in its report The State of IT Security Germany 2016, released at the start of November, that IoT devices could indeed be manipulated in botnet attacks.
An attack at the end of November took down almost a million routers in Germany. A breach in the security protocol was exploited to load malware onto the routers. Later on, experts assessed the attack to be quite shoddily executed, as it failed to achieve its actual goal. The purpose had been to draw the routers into a botnet so that they could be used in future attacks. But the problem was solved merely by restarting the affected devices. Nevertheless, several German politicians used the attack to call for new legislation, demanding that the industrial sector show a greater appreciation of responsibility and quality in the development of its software. The import of cheap and poorly programmed technology from China was also criticized. Interior Minister Thomas de Maizière proposed setting up a “rapid response team”, while Telekom CEO Timotheus Höttges suggested upping the ante by creating a "Cyber NATO".
The future goals of the black hat hacker community are clear, namely to enslave as many devices as possible. There are now fears, especially since the "Trident" vulnerability was discovered in iOS devices, that a similar weakness could also be identified in their Android counterparts. The malware Pegasus teams up with Trident to sniff out high-target devices and is able to export everything from calls and e-mails to encrypted app data. It would be fatal if hackers were to acquire similar capabilities for Android devices. Over 1.4 billion devices worldwide use Android. Unauthorized access to even a fraction of this number would allow hackers to carry out DDoS attacks at over 30 terabits per second. What’s more, DDoS attacks could even be expanded to target mobile network providers. Companies urgently need to draw up emergency plans for similar situations and to ensure they are adequately protected.
At a glance
To show you why IT security is such a big issue, we summarized the biggest cyber attacks of 2016 and their outcome:
Protect your IT against Cyber Attacks!
Let us have a look at your security infrastructure to secure your company and protect it from considerable losses. Are you looking for someone with profound knowledge of all the technologies of the major IT security vendors? Contact us today and our experts will help you find the security solution you need to be prepared for the upcoming cyber threats in 2017!