SonicWall has just released its latest Global Threat Report, and it contains reasons for cheer, alas it also has lots of reasons why you need to be afraid and take precautions.
The good news: POS malware variants have declined by 93 per cent since 2014, the bad news: between 2015 and 2016 the number of ransomware attacks rose 167-fold, or so Florian Malecki, SonicWall’s International Product Marketing Manager, told me.
There is a risk of complacency. “In 2016, 62 per cent of traffic through firewalls was encrypted, this was 38 per cent up on 2015,” said Mr Malecki, but that does not mean you can relax. There is some painful irony in encryption. It makes it harder for people to hack into your system, but if the data does have something nasty lurking in it, you are less likely to spot it.
In fact, it is impossible to identify malware hidden in encrypted packets without decryption/deep-packet-inspection (DPI) capabilities.
Take as an example, what has been called ‘watering hole’, a hacker may guess which sites people in an organisation use, infect them with malware, which may eventually find its way onto your system; you may be none the wiser, until it is too late.
Okay, once you have decrypted the traffic, you still a good quality firewall and malware definitions to identify and block the threat. It is just that if you cannot see into the encrypted packets you have no chance of stopping the threat getting inside your network.
Now, let’s celebrate some good news.
The introduction of chip and pin has reduced the benefits of stealing a credit card, even when you pay online, you often require a password. So, that has helped.
And the rise in greater encryption has followed the Snowdon affair.
We have become savvy in one respect, but the dark side, the people Mr Malecki refers to as the bad buys, are nothing if not ingenious.
It can be hard for a hacker to break into a protected site, but instead, a hacker can use SSL (secure sockets layer) or TLS (transport layer security) to disguise their activities. Many organisations do not have the technology to look inside the traffic.
So, there is a need for education. If you don’t have the solution for analysing encrypted traffic, the chances of getting hacked are greater.
And that takes us to ransomware, the numbers are staggering.
In the Q1 of 2016 there were 31 million attacks blocking access to traffic. By Q2 that had increased to 137 million, to 204 million in Q3 and 266 million in Q4.
This is nasty stuff, and it is becoming a well-organised business too.
One danger is phishing emails. The email may look like it’s from your bank, for example, but click on the link, and you leave yourself vulnerable. In that way, some organisations can be hacked via a USB stick, unbeknown to the owner of the USB stick.
Ransomware emerged two years ago, and is becoming an issue, people assume ‘It won’t happen to me,” said Mr Malecki.
But there is a lot of money at stake, and SonicWall estimates that there is $2 billion of potential to be made by the bad guys. They may require payment before giving you access to your own data.
And in the economic climate, people struggle to pay bills.
These days, if you want to make money illegally, and you think selling drugs or robbing a bank is tad risky, there is always the dark web, you can find companies that will act on your behalf, ‘hacking as a service.’
It conjures up images of smartly suited sales people pitching to you, on how they can make your money grow, just by engaging them to create havoc with companies. Of course, in reality, it is all done anonymously, the dark web sales pitch occurs in virtual space.
But a new danger is emerging.
The Internet of things has the potential to change the world, but security is low. A hacker could, for example, break into your own home system, open the shutters on your windows, turn on your oven or even open your front door.
Or they could hack into a system that manages traffic flow in a city, turn all traffic lights green, for example.
Or there is the danger of them hacking into a parcel delivery system, and have the parcels sent to the wrong addresses.
Ecommerce sites may be subjected to DDOS attacks, in which they are bombarded by information requests which can lead to a denial of service.
We live, it seems, in a bad world.
Crime may not feel so obvious when it is the form of cybercrime, but it is still crime, and can be nasty, and that means we always need to be alert. Don’t assume that just because your data is encrypted you are safe.
But the Internet of Things may be the location for the next battleground – a battleground that may be everywhere.
