The upcoming year is set to feature various trials and tribulations for those working in the IT sector. It is important for professionals to stay up-to-date with the latest trends in order to prepare themselves for the sudden changes that are set to face the industry. So, what should IT professionals be on the lookout for in the coming year? We will take a look at some of the most prominent issues.
What challenges will people in IT security jobs face this year?
Data theft in healthcare
It is understandable why this is the case. Medical records and patient data contain very valuable pieces of information for hackers and other criminals and, really, no other records in the United Kingdom contain as much personally identifiable information that can be used for various types of fraud and identity theft attacks. While they contain personal information, they also tend to include sensitive financial data like insurance providers and sometimes direct debit details, which could lead to financial exploitations.
Patients are not the only targeted individuals for this type of attack. Doctors and other medical professionals are also at risk. This is because they sometimes make it easier for cyber criminals to circumvent IT security policies within hospitals and surgeries. When this information is accidentally made accessible, such as a poorly saved document or improper logging out processes, the credentials can be accessed by the third parties in order to wreak havoc in electronic records. It is also possible for hackers to access this information remotely through a Trojan horse attack. While this is an unfortunate case, it is thankfully rare in the United Kingdom. However, it does not mean that cyber attacks are likely to decrease when it comes to medical sources in the coming year.
Identity selling from credit card theft
Credit card thieves have long been the bane of the internet's existence, but they are expected to take on a whole new dimension this year. Credit card thieves will effectively become information dealers, where they will not just be after the credit card numbers. Increases in overall credit card security have made a window of opportunity for stolen debit and credit cards even narrower, so those interested in exploiting sensitive cards will need to do so even quicker than before. This leaves card thieves with a very high-risk resource of valuable information. Namely, a cardholder's personal information, which is often tied to the card itself.
What this ultimately means is that card thieves could create valuable data resources, where customer information can be pooled into databases and sold off to spammers for targeted advertisements. This means that the upcoming year is likely to see a far higher rise in spam, but it will probably be very focused on a customer's own personal habits: particularly when they have experienced card theft or other forms of fraud. It will be interesting to see where this heads, as the idea of mass spam messages to the widest audience possible seems to be headed downhill as a means of circumventing spam filters.
Changing e-mail threats
E-mail exploits are set to take on an entirely new level of sophistication. Internet browsers were once thought of as the most exploitable applications, but the focus is now changing to e-mail where there will be an increasing presence of web link based attacks. These attacks, where e-mail users click on a link in order to be redirected to a malicious website, which registers an e-mail account as active and targets it using specific ads, much like the way card thieves plan on selling customer data, will allow a more streamlined sending of spam messages that are meant to evade filters since customers will have registered their interest for these messages through clicking on the link and automatically joining a mailing list through a malicious code.
Hidden workplace attacks
Companies have increasingly allowed access to cloud storage and social media tools in order to help facilitate the day-to-day operations of their businesses, but this is making it increasingly difficult for network administrators to control the flow of traffic to reputable sources. Many hackers are choosing to hide in these seemingly approved channels and are awaiting to strike through Command and Control infrastructure. These attacks are likely to increase due to their deceptive qualities, where administrators will not see the attack coming and will be kept on their toes in order to ascertain what legitimate web traffic is and what is not.
Source: Websense 2015 Security Predictions Report