3 Cyber Security Threats That You Should Be Aware Of In 2015
E-shopping using your credit card, syncing your office emails with your mobile device using an email app and authenticating financial transactions using one time passwords sent as text messages into your mobile device by your bank are some of the common things that a tech savvy consumer of today does. Are you aware that cybercriminals are leveraging these consumer activities to build sophisticated ways to compromise your data?
Consumer technology is evolving really fast. But along with it is evolving a new threat which is being exploited by cybercriminals. In a recent interaction, Surendra Singh, regional director-India and SAARC, Websense talked about 3 key cyber security threats a technology savvy consumer must be aware of, in the coming year.
Credit card data thieves will sell personal dossiers.
With billions of dollars for the taking, retail cyber-attacks seeking credit card data are likely to continue in 2015. However, as those within retail security escalate their defenses (and security measures such as Chip and PIN technology are mandated), we will see a morphing of the manner in which these thefts are committed
For example, data thieves will begin to tune their malware to gather other information besides just relevant credit card details. With a tiny code modification, credit card stealing malware can now also steal credentials or any information associated with that terminal, including the user’s identity, customer loyalty programs or other store-related data
This personal information pulled from the criminal cloud, will then be worth considerably more than the simple credit card number. Those now selling credit card accounts are likely to adapt their illegal craft to selling complete personal identity dossiers.
Mobile threats will target credentials and data
Mobile devices are conduits to consumer data, sitting on a variety of cloud based apps. Because of this, criminals will go after mobile device – not to simply crack a phone code and steal data from the device – but as a vector in the growing data resources that the device can freely access in the cloud
In short these attacks will use the phone as an access point to the increasing cloud-based enterprise applications and data resources that the devices can freely access.
Smartphone as an authentication device will spell fresh threat
Criminals will take advantage of the increasing reliance on the smartphone as an authentication measure. This is likely to manifest itself as a malicious code, designed to either intercept the text or code generation authentication elements built into mobile programs or clone or mimic a mobile device itself to take over other accounts in a variation of man-in-the-middle attacks
With this information, criminals can use the device as a key to access a broad range of information available to the user, including valuable corporate data.