Welcome to
Life at ESDS

ESDS Blogs and Accolades

Discover a world of possibilities. Explore our blog for expert insights, industry trends, and best practices.

15
Feb

2016 brings new security threats along with it..!!!

security threats

Security Threats

Hackers ARE NOTHING if not persevering. Where others see obstructions and quit, Hackers savage constrain their way through hindrances or discover approaches to diversion or detour them. Also, they’ll calmly contribute weeks and months contriving new techniques to do as such.

Hackers are nothing but criminals. Where others see obstructions and quit, hackers savage their ways through hindrances they contribute weeks and months contriving new techniques to discover loopholes and detours in web securities.

There’s no Moore’s Law for hacking development, yet any individual who takes after cyber security realizes that procedures get bolder and more complex every year. The most recent twelve months saw a few new patterns and one year from now undoubtedly will bring more.

Here’s our interpretation of 2016.

Data manipulation cyber threat:

According to James clapper, director of national intelligence(US), data manipulation of digital data is a new nightmare in cyber threats which can instead of deleting or releasing stolen data can hamper the complete integrity of the data. Initially the concern was theft, but what if someone gets into your system and starts manipulating or changing the data to an extent that it’s unbelievable for the operator himself.

Data alteration can be negligible but can have enormous consequences. For e.g. lotus 1-2-3 had a bug which caused miscalculation in spreadsheets, it was an unintentional error but due to its vulnerability attackers could breach into financial and stock trading systems and alter the data and force stock prices to rise or fall according to their motives.

Cyber shakedown:

Hacker’s shakedown is predicted to increase in 2016. shakedown doesn’t mean standard Ransomware attacks, extortion attacks or shakedown attacks are attacks where hackers malware encrypts or otherwise locks access of the host system and demands a ransom instead of its release or threatens to release sensitive information from the client critical database information. Even if you have the back up of your data but public release of crucial information/data can ruin you and your clients.

Tracking such attacks is difficult as the public doesn’t get to know even if the victim has caved and the extortion has occurred. Attacks on Malaysian Airline, Facebook and specially Ashley madison hack which cost a CEO and exposed millions of predictable cheaters to public ridicule and worse. There is another e.g. Investment bank in UAE which resulted in the compromise of massive customer account information. These attacks are very critical and can have terrible repercussions resulting in customer lawsuits, job losses and such attacks are expected to become more prevalent in 2016.

Rise of IOT (Internet of Things) zombie botnet:

A botnet (otherwise called a zombie armed force) is various Internet PCs that, in spite of the fact that their proprietors are ignorant of it, have been set up to forward transmissions (counting spam or infections) to different PCs on the Internet. Any such PC is alluded to as a zombie – essentially, a PC “robot” or “bot” that serves the wishes of some expert spam or infection originator. Most PCs bargained along these lines are home-based. By report from Russian-based Kaspersky Labs, botnets – not spam, infections, or worms – presently represent the greatest risk to the Internet. A report from Symantec reached a comparable conclusion.

In the event that 2015 was the year of verification of-idea assaults against IoT devices, 2016 will be the year we see a number of these idea assaults move to reality. One pattern we’ve effectively spotted is the laying hold of IoT devices for botnets. Rather than programmers capturing your devices for their zombie armed force, they will lay hold of substantial systems of IoT devices—like CCTV observation cameras, smart TVs, and home computerization frameworks. We’ve as of now seen CCTV cameras transformed into botnet armed forces to dispatch DDoS assaults against banks and different targets. Not at all like a desktop PC or tablet it can be harder to know when your associated toaster has been enrolled in a bot armed force

Chip & Pin:

The cards contain a chip that confirms it as a real bank card furthermore creates a one-time exchange code with every buy, keeping programmers from embellishing stolen information onto fake cloned cards to use for false buys in stores. Yet, this won’t stop extortion by and large; it will just move from block and-mortar stores to online retailers. In the UK, where chip-and-PIN cards have been utilized subsequent to 2003, card-present extortion—exchanges done in individual—has dropped. Yet, extortion for card-not-introduce exchanges—those finished via telephone or online—expanded from 30 percent to 69 percent of aggregate card misrepresentation somewhere around 2004 and 2014, as indicated by the UK Payments Administration. Neither a PIN nor a mark is required when clients utilize their cards on the web, so basically taking card numbers is adequate for this sort of misrepresentation. Expect those online misrepresentation numbers to ascend in the

Whenever a security community closes a way of attack, hackers improvise and find another. In e-commerce when retailers stopped maintaining customer transaction details in their database, hackers found an avenue to sniff this crucial database live as it was sent to banks for authentication. security groups securely encrypted the transit information to avoid sniffing, hackers found that and installed a malware at point of offer(POO) to record the transit information which records the information as soon as the card get swiped.

Prominent backdoors:

Nimada gained entry through a backdoor left open by Code Red. Backdoors installed on firewalls gives a hacker ability to decrypt protected traffic running through VPS. A secondary passage is a method for access to a PC program that sidesteps security systems. A developer might here and there introduce a secondary passage so that the project can be accessed for investigating or different purposes. In any case, assailants regularly use secondary passages that they recognize or introduce themselves, as a feature of an endeavor. At times, a worm is intended to exploit an indirect access made by a before assault.

Leave a Reply

1112

Happy Employees

80 +

Annual HR Activities

20

Year Of Experience

500 +

CSR Initiatives