Cyber-attacks to increase, get sophisticated in 2016

By Adedeji Fakorede

United States of America’s software security firm, Symantec Corporation has warned that cyber threats would increase and get more sophisticated in 2016, by so doing increasing the risks and vulnerabilities of smart devices, Internet of Things (IoT), and critical technology infrastructure.

Symantec’s security intelligence team, in its report “The Internet Security Threat Report Volume (ISTR) 20”, also noted that the need for biometric security would grow, the battle between ransomware gangs and malware distribution networks will heat up, the need for encryption will escalate and the cyber-attacks and data breaches will drive the need for cyber insurance.

The report, noting that International Data Corporation (IDC) or Apple now accounts for 13.5 per cent of global smartphone shipments and 7.5 per cent of global PC shipments, noted that the increase in usage would see rise in the level of Apple-related malware infections — denting the perception that Apple devices are “free from malware”.

It predicted that the boom in use of biometrics in last two years would further grow with major industry players implementing new capabilities both with new sensors in devices and with adoption of biometric authentication frameworks. This would ensure better security for users with significantly increased convenience for device unlocking, purchasing and payments.

The report pointed the need for improved security on IoT, or a network of physical objects or “things” embedded with electronics, software, sensors, and network connectivity which enable these objects to collect and exchange data, noting their vulnerability towards infections and new malware threats will only increase and the need for improved security in this industry will become more pressing.

It however noted operating systems makers, in particularly Apple, are making good strides in enforcing security in this industry.

Symantec also predicted that in 2016, attacks on critical infrastructure would increase due to the cyber-warfare campaigns and operations by nations and other actors, while ransomware gangs, or those specialising in malware that encrypts and locks user files and releases it only in exchange of payment, will come into conflict with more traditional malware distributors.

It also said the need of encryption of data would increase with the rise of communication and interaction between people and systems over insecure and vulnerable networks like the Internet, while two key factors – new regulations that obligate companies to respond to information breaches and the increase of cyber criminals using stolen information for payment fraud, identity theft, and other crimes would drive the need of cyber insurance.

Already, DataGroupIT report titled: ‘Unified Intelligence: Authentication and Fraud’, disclosed that Nigeria loses about N78 billion yearly to the activities of cyber criminals who target the financial institutions, associations and government’s Ministries, Departments and Agencies (MDAs) and regulatory authorities.

According to the report financial institutions are losing about N50 billion; associations N11 billion; Govt MDAs N10 billion; telecommunications firms N4.5 billion; ePayment companies N3 billion and on the overall, the country loses N78 billion yearly.

The report listed top three cyber-attacks methods used in Nigeria to include social engineering, which is about 83 per cent; malware 42 per cent; pharming, SQL injection, spoofing 23 per cent.

Other methods included brute force attacks, weak passwords; website defacement; use of unpatched software; organized crime syndicates, physical disconnection; hacking, email hacking; internal security breaches among others.

It informed that about 200 million strains of malware continue to look at business loopholes to wreak havoc, adding that 87 per cent customers from interaction feel upset frustrated or betrayed when an online transaction is declined.