StorageCraft Technology Corporation
X

Cyber-criminals are smarter than ever, and 2018 promises to bring some of the most advanced attacks the world has seen. With an estimated cost of around $6 trillion per year attributed to cybercrime, it’s easy to see that digital crime is just as lucrative for criminals as it is damaging to businesses. Cybercrime isn’t going away, but you can do a lot to prepare for attacks by understanding new technologies criminals are employing to steal your data and money while destroying reputations along the way. Here are the four biggest threats to watch out for.

AI and Machine Learning-Based Attacks

AI and machine learning are two of the biggest buzzwords in technology today. Cybercriminals are beginning to harness these tools in a number of clever ways as well. According to Martin Giles in a piece for MIT Technology Review, “Machine-learning models can now match humans at the art of crafting convincing fake messages, and they can churn out far more of them without tiring. Hackers will take advantage of this to drive more phishing attacks. They’re also likely to use AI to help design malware that’s even better at fooling “sandboxes,” or security programs that try to spot rogue code before it is deployed in companies’ systems.”

McAfee’s annual threat prediction report also suggests that sophisticated attacks using AI and machine learning are likely to be some of the biggest threats we face. While these attacks are becoming more advanced, they still typically rely on classic phishing tactics, and you can prevent them by educating users about how to spot and avoid various online scams.

Ransomware

With threats like WannaCry and dozens of others, we’re permanently reminded of the damage ransomware causes, and the problem continues to grow. According to a report by McAfee, ransomware issues grew 56% in 2017. Trend Micro also lists ransomware as its number one cyber-threat for 2018, calling it the “land of milk and honey for cybercriminals.” Luckily, the cyber security world is beginning to catch up. Consumers are more scrupulous, fewer off-the-shelf ransomware is appearing, and law enforcement agencies are working to crack down on this type of cyber-fraud. But despite these efforts, the growth of ransomware is a clear indicator that we should stay vigilant. The best way to prevent ransomware (in addition to firewalls and anti-virus software), is to make sure you have rock-solid backups and recovery point objectives that are within your data loss tolerances.

Email Compromise Scams

As we noted in another piece about social engineering, email scams are becoming more innovative, and indeed, cybercriminals are stealing billions of dollars simply by sending spoofed emails that look quite convincing to the untrained eye. The FBI reports that business email compromise scams increased 2,370 (!) percent between January 2015 and December 2016. This adds up to $5 billion in domestic and international losses, with a total of 22,292 victims. Trend Micro predicts that this number will increase to closer to $9 billion in global losses this year.

One important thing to remember is that companies must create protocols for various types of transaction so a system of checks and balances within the organization can stop fraudulent transactions from going through. When it comes to phishing attacks through email, users should know how to spot spoofed emails, so they never open them by mistake.

Connected Device Attacks

According a report by Trend Micro, cybercriminals will likely spend more time attempting to abuse connected devices. Last year alone saw many distributed denial-of-service (DDoS) attacks that leveraged hundreds of hijacked Internet of things (IoT) devices. These attacks are likely to increase because they often allow hackers to create proxies and hide location data and web traffic, making it difficult for law enforcement to figure out where the attacks are coming from. Trend Micro also notes that many IoT devices take longer to patch, so vulnerabilities can remain unpatched for longer periods of time.

Other vulnerable devices include aerial drones, wireless home devices, and even bio-implants such as pacemakers. Trend Micro notes that many devices don’t have built-in security, which means users must take responsibility for their own security by ensuring that passwords are secure, and that device firmware is always up-to-date.

Conclusion

A single data breach can cost a company millions, but there are plenty of indirect costs too, including loss of reputation, a change in customer and investor perception, legal settlements, and more. While a specific dollar amount is difficult to calculate, it’s obvious that investing in technologies that prevent the latest attacks is the only wise move. When it comes to protecting data, and preventing various cyberattacks, the tools you buy can easily pay for themselves if they prevent even a single cyberattack.

View Comments

    • Hi John,

      I'm glad you asked! I believe your company is in New Zealand, is that correct? You'll probably want to contact our sales team in Australia at sales[at]storagecraft.com.au or call +61 2 8061 4444. If you are interested in signing up in the United States or Canada, you can either submit an inquiry here: http://www.storagecraft.com/shadow-protect-msp.php or contact our sales team directly at 801.545.4700 or via email at sales[at]storagecraft.com.

  • This is good news that Shadowprotect will be supporting Linux OS. What if we use the current iso to take backup of linux OS, can it work for backup and restore? Let me know.

    • Hello Vinod,

      Yes, we believe this is great news that StorageCraft will be releasing a CrossPlatform version of ShadowProtect which supports both the Windows and Linux platforms. We're very excited about this news.

      The current release of the ShadowProtect Recovery Environment - CrossPlatform is a positive step towards supporting the Linux OS. Currently this CrossPlatform Recovery Environment is intended only for backing up and recovering Windows OS systems (including Windows 8 and Server 2012). Another release will have the complete tools for backing up and recovering both Linux and Windows systems. I can tell you that this later release will be out before the end of the year. Until then, thank you for your kind comments and we we're looking forward to providing you with more information about this exciting update in the near future. Check back with us again soon.

  • Thanks, Casey. This was a really interesting take on the NSA's new local data center. Despite the privacy concerns, I'm excited to see what this means for the state. Silicon Slopes is definitely filling up with some great names!

  • Rather than placing it somewhere that looks nice or aesthetically pleasing, make sure that it is located at a place that allows proper circulation of air.

  • Wow is this for real? You cover how easily a host can get a virus and how the tech runs at the base level?

    Has a vmware host ever gotten hacked or got a virus?

    Has a windows computer ever gotten hacked or got a virus?

    I almost spit out my water when I read the part about Hyper V and stability. We have both Hyper V (2008 R2/2012) and VMware. Some REAL facts.

    * We have gone over a year on some of our vmware clusters with out patching or rebooting a host. NONE of our Hyper V hosts have reached 90 days.

    * Install and setup of a clustered Hyper V host takes about 10 times longer than a clustered VMware host.

    * Upgrading a Hyper V cluster....IS NOT POSSIBLE. You cant have two versions in the same cluster so you must build a new cluster and migrate the VM's over. The migration requires downtime for all VM's on a SAN volume. Ugrading a typical 8 node VMware cluster takes about 90min as upgrade the hosts one at a time and reboot them. (VMware supports mixed versions on a cluster.)

    * Many functions in Hyper V are POWERSHELL only. For instance you cant mass upgrade the "VM additions" in SCVMM unless a guest is off. In VMware you can highlight 50 (or more) running VM's and update the vm tools. It requires a reboot but the effort is 10x easier to complete.

    * We have NEVER had a VMware host go down, at all, not once. We have had MANY hyper v hosts drop all of their VM's for many different reasons. 99% of the time its YET ANOTHER hotfix you cant get from Windows update, to fix a storeport driver, or a MPIO issue, or a failover cluster issue. There is NO WAY we would run our production servers on Hyper V.

    * Drivers....for Hyper V you can get them from your hardware vendor (Dell, HP, etc) or Microsoft, or right from say Intel or Broadcom. Often MS Premiere support will tell us to go to the NIC drivers sight and get the driver vs the Microsoft driver or the Dell driver when we have a problem. VMware.....gives you the ONLY drivers you need. Yes they re-package the vendor drivers but you get them from one source, they are tested and supported.

    A real comparison is not a technical white paper, its in the trench usage of these products.

  • Casey, congratulations on this blog post -- I could not agree more. I am the editor of the Varnex Insider magazine, and would like to talk with you about the possibility of publishing this blog in our next issue (with full credit to you and StorageCraft, of course). Please email me at the address I provided so we can talk about this. Thanks very much. -- John

  • Great post, thanks Casey Morgan for writing such an informative post. Every body knows the importance of backup but no one takes care of it. Thanks fro reminding and guiding for backups.

  • Another win-win with image-based backups which ShadowProtect delivers is the ability to take a full "base image" backup and then "incremental" backups which only capture the changes that have occurred -- greatly reducing the storage requirements for image-based backups.

    Then with ImageManager, you can consolidate the image chain over time, set retention policies and even take advantage of the new rolling consolidation feature in ImageManager 6.

  • 1 2 3 4 5 11