siliconindia | 9 | June 2017

far-reaching and fast-moving it was. This attack targeted computers running Microsoft Windows, encrypting data and holding it ransom for Bitcoin payments. Within 24 hours, WannaCry hit an estimated 230,000 computers in 150 countries, including Great Britain's National Health Service. While the attack may have only netted attackers an estimated $55,000 so far, it gave the world a new awareness of the dangers posed by ransomware.

Attackers Using IoT Botnets for Massive DDoS Attacks

The rise of the Internet of Things (IoT) may be making daily life easier, but it is also creating new vulnerabilities for cyber criminals to exploit. IoT devices often hit the market without comprehensive security features baked in. Whether the devices lack regular security updates or simply don't prompt their owners to change the password from the factory default, such security gaps leave devices vulnerable to access by cyber criminals.

Attackers leveraged the password misstep to launch the largest distributed denial of service (DDoS) attack in history in 2016: the Mirai botnet attacks. Hackers leveraged thousands of compromised IoT devices to rapidly access and overload servers run by domain provider Dyn, causing outages for some of the world's most prominent websites, including Netflix, Twitter, Airbnb and Spotify.

It's estimated that DDoS attacks can cost victims $22,000 per minute. Considering most DDoS attacks last about six hours, the impact of an attack can be devastating, with some companies never recovering.

Cybersecurity Trends

While some types of attacks are growing, others are declining substantially, displaying the power of preemptive cybersecurity measures.

POS Malware Creation Declined by 93 Percent

Point-of-sale (POS) malware is one example of a cyber trend stopped nearly dead in its tracks after the retail industry made it a priority. POS malware impact hit an all-time high in 2014 when massive data breaches hit retail industry leaders, exposing millions of their customers' credit card data.

The retail industry answered with mainstream implementation of chip-and-PIN POS technology. Since 2014, the SonicWall Capture Lab researchers have seen a 93 percent decrease in new POS malware creation. Such measures prove that cybersecurity efforts are most successful when entire industries take them seriously.

Sixty-two Percent of Web Traffic is SSL/TLS Encrypted

Another point scored for cybersecurity teams is the growth of Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption. Sixty-two percent of total web traffic in 2016 was SSL/TLS encrypted. SSL/TLS encryption was developed as a way to protect payment data, primarily for e-Commerce and other online financial transactions. Today it is also used by businesses and cloud-based applications across the spectrum.

Though this trend is positive in theory, it can quickly become a double-edged sword if proper precautions aren't taken. Many company firewalls do not perform deep packet inspection (DPI), enabling encrypted web traffic to pass through the firewall uninspected. The problem is that cyber criminals have recognized this gap and, as a result, have begun hiding malicious content in encrypted traffic. For SSL/TLS encryption to reach its full potential as a defense mechanism, companies should ensure they have a next-generation firewall that can handle SSL/TLS inspection and make sure this feature is enabled.

Cybersecurity is an arms race, but it's up to those in the trenches -- both companies and consumers -- to equip themselves with the knowledge and tools to fight attacks. This means updating your operating systems and applications as soon as possible, training employees to not open suspicious emails from unknown senders, and staying away from unsecured networks on devices that will at any point connect with your corporate network.

The battle for security may seem overwhelming, but the more closely you follow best practices, the less likely you are to find yourself on the wrong side of a network security trend.

Scott McCrady