As you start the new year it is a time to reflect and review the possibilities to come in 2023. It’s also a time when you need to plan on what to do and how to recover in the face of ever-present cyberattacks.
A survey of Sixty-eight percent of business leaders found that cybersecurity risks are getting worse. There is a good reason. Attacks are getting more sophisticated. They are also conducted by large criminal organisations. For these criminal groups, these attacks are big business for them.
In 2021, cyberattacks increased by an average of 15.1% globally.
To make sure your business is not vulnerable this coming year, you need to keep an eye on the attacks that are taking place.
What new methods are hackers using? What types of attacks are increasing in volume? Knowing these things is important. It helps you to be on the ball with your IT security to neutralise the risk of a data breach or malware infection.
At Great IT Services we have done a deep dive research for small business in Bolton and Manchester, into what cybersecurity experts are saying in the upcoming year. Here are the attack trends that you need to keep an eye on.
5G Devices are facing increased attacks
The world has been talking about 5g devices for a few years. Finally, the lightning-fast speed you were promised is here. As providers build out the new infrastructure, this is going to be a high risk-attack area.
Unfortunately, they are much easier to hack, and hackers are clapping their hands as they hack into routers, mobile devices, and Pc’s. Any time new technology like this comes around, there will be code vulnerabilities. Which for the hackers is an opportunity not to be missed.
So, to be prepared, you need to be aware of firmware (all devices have software in a chip that makes them work as intended) security in the devices you buy.
Some companies build better firmware security than others.
Make sure you find out about the firmware before you buy any new 5G device.
Hackers are bypassing One-time Passwords (OTP) Bypass
There is an alarming new trend to get past one of the best forms of security Multifactor Authentication (MFA) which is known as a top-notch way of preventing dodgy sign-in attempts from fraudsters,
Here are the different ways that hackers try to bypass MFA. These include:
Reusing a token: Having access to a recently used OTP (One Time Password) and trying to use it again.Sharing unused tokens: Hackers try to use their own account to get a onetime password (OTP). Then they try to use it on your account.
Leaked token: Another way is using a used token that was leaked on a web application.
Password Resetting: A hacker uses phishing to fool you into resetting your password. Then they trick you to pass over your OTP either via text or email.
Attacks when there are World Events
During the crazy 2 years when the world shut down because of the pandemic, the cyberattack volume increased by about 600%. The huge criminal hacking groups have realised that world events and disasters are very profitable.
They start phishing campaigns for world events. They target everything from a war in Ukraine, a volcano, the latest hurricane, the recession. As these events can easily distract you, it makes you more vulnerable.
You need to be aware of scams like these.
The fraudsters will not hesitate to use social engineering tactics, like sharing sad photos, to play on your emotions.
Smishing and Mobile Device Attacks
We are so attached to our mobile devices these days, there is probably no where we go without them.
Cybercriminals know that and they are burning the midnight candle looking for ways to have a direct connection with you.
So, their new focus is mobile device attacks including SMS-based phishing (“smishing”)
The term smishing has been coined from the term “SMS” and “phishing”.
You don’t expect to get fake messages to your mobile. So once again this is another weakness hackers exploit.
Mobile numbers are no longer as private as they once were. These days buying lists of mobile phone numbers online is easy.
Once hackers have bought the lists.
They come up with fake texts that look like receipts or shopping notices.
Now they just wait for you to make one wrong click and before you know it there is a data or account breach.
Malware on mobile devices has shot up. In the first few months of 2022, mobile malware targeting mobile devices shot up by 500%.
You now need to make sure you have good mobile anti-malware.
You also need a good DNS filter.
So, what in the world is a DNS filter?
Without being too technical. Let’s say one of your employees is tricked into clicking on a link. Before they are allowed to go to the website, a question is asked on the DNS filter. Hey DNS filter do you know if this website is blacklisted?
If the answer is yes, then the website is not loaded. The DNS filter stops the phishing attack. If the website is not blacklisted then it will be loaded.
Mobile malware is also on the rise. During the first few months of 2022, malware targeted to mobile devices rose. It is important to ensure that you have good mobile
anti-malware. As well as other protections on your devices, such as a DNS filter.
Elevated Phishing Using AI and Machine Learning
Criminals are getting more sophisticated.
It used to be easy to spot phishing emails they would always have errors like spelling mistakes, suspicious links from emails that were not from credible sources, fake logos, and poor-quality pictures.
Although some still do most don’t anymore
Now using AI and machine learning, criminals have taken phishing to the next level.
Despite AI not even being that advanced, they are still managing to make the phishing emails look very authentic.
With the amount of data about you in the ether being mind boggling, like your previous passwords, your mother’s maiden name.
Combined with AI, hackers can craft messages that are personalized just for you, it’s getting harder to identify them.
Time for action Schedule a Cybersecurity Check-Up Today
Is your business prepared for the cyber threats coming in 2023? Do not wait to find out the hard way! Give us a call NOW or schedule a cybersecurity check-up to stay one step ahead of the digital criminals.
Great IT Services Bolton and Manchester Tel 07810025154