27 Dec 2016
With the year winding down and Christmas and the New Year coming up, it can be easy to forget about 2016 and everything that happened this year. If your holidays are looking great, read our review of 2016 hacking trends to make sure that next year you’ll feel the same way.
Ransomware was a top online threat this year. Not only did ransomware attacks increase three-fold from 2016, but ransomware code was made public, which means you can expect new variations in 2017. That is very bad news for everyone in the medical field, since they already experienced the worst of the ransomware rise in 2016.
You probably heard of the Hollywood Presbyterian Medical Center attack, which made the hospital staff resort to paper records and handwritten notes until they paid the $17,000 ransom, but there were many more where everything from patient records to CT scans was knocked offline, putting lives at risk.
The pain doesn’t end there, though, because after a hospital or medical practice is hit by ransomware, it must figure out whether confidential patient information was breached and contend with the ensuing HIPAA violations and fines. There were more ransomware attacks in 2016 than ever before, and there was a 400% rise in the number of ransomware families this year. If you deal with anything medical, 2017 is a storm on the horizon.
Another disturbing trend for 2016 was DDoS attacks through Internet of Things (IoT) devices. This fall the Mirai malware ran a DDoS attack on internet infrastructure provider Dyn and shut down sites like Twitter, Amazon, and Spotify all over the country. For now, webcams are one of the main IoT devices that hackers target. But nothing is off the table once it is connected to the internet, and these days it seems like just about everything can connect. Before 2016 most manufacturers ignored the need to protect webcams and other IoT devices from hackers, but after this year they won’t have that option any longer. There were recalls on vulnerable webcams this year, and if vendors don’t begin to protect the devices they sell, you could see many more recalls in 2017, not just on webcams but on devices like routers and network printers. The Mirai code was made public in 2016, so, just like ransomware, you can expect to see new and unpredictable variants in 2017.
If you are not in the medical field and are not a company or website a hacker would target with a DDoS attack, don’t worry: 2016 had something for you too. Business email compromise (BEC) was another way hackers exploited businesses. With a BEC hack, a cybercriminal will scout the habits and contact list of an individual before tricking that person into transferring money to the criminal. BEC hacks cost the hacker very little, but on average earn them $140,000. (For scale, a ransomware attack on average earns a hacker $722.) BEC hacks are especially a problem for companies that have customers or partners in other countries. BEC hackers love to target companies in other countries that are used to sending money overseas because there is very little chance that the hack can be traced back to them. We’ve already seen hackers from other countries go as far as using hacks to influence elections in America this year, so you can expect more BEC hacks in 2017.
It doesn’t matter if you’re a hospital, a small business, or even just an individual. Hackers from all over the world are preparing to steal your money and privacy. If you were not affected in 2016, 2017 will be even more dangerous. The people who think they can skate by are the ones who will pay the most when they’re attacked. Don’t let it be you. Make a New Year’s Resolution to take cybersecurity seriously.