As we enter the fourth decade of “digitalisation,” everything from the water we drink, to the food we eat, the energy we consume the money we earn, the “friends” we make the entertainment we enjoy are virtually dependent on technology. The operating systems and the devices on which they run, the millions-upon-millions of applications, most of which are consumed and maintained by billions of consumers on billions of mobile devices.
Unfortunately, whether for personal financial gain, political power, or just to be disruptive, there are people that threaten to hack into our lives, either as computer viruses, malware, phishing attacks, cyber-terrorism, or any other of the black hat “trades” that keep the white hats scrambling 24/7.
So, could 2018 be the year that the Digital Revolution finally crashes, brought down by unscrupulous hackers? Let's take a look at four of the key threats that everyone is facing:
- Meltdown and Spectre. It's a sign of these digital times that you've probably heard that this dangerous, fundamental flaw is built into pretty much every computer on the planet — a flaw that could allow attackers to access even the most secure information on your computer. This exposure has been around for years but has only recently been disclosed. These design flaws impact the kernel, a fundamental component of every operating system and any device. Among other things, the kernel keeps the data in one application from being read by another. In short, the risk of these design flaws is the exposure of things you'd like to keep private, like credit cards or confidential company files. While there are some software “work arounds” to minimise exposure, software patches will likely slow down the performance of our devices – especially in the cloud. But worse, a concerted effort by a rogue state or terrorist organisation could cause widespread panic and disruption if that entity were to find a way to exploit these vulnerabilities across a broad array of fixed and mobile devices.
- Malware on mobile devices. Malware is an umbrella term for all the evil software that can infect your devices: viruses, worms, Trojan horses, spyware, adware, scareware, and a bunch of other “wares” like the infamous WannaCry ransomware attack that ground the global economy to a near halt last spring. Until recently, most malware attacks have been associated with computers, and not so much on smartphones or tablets. Is this because Apple and Google have more secure designs for mobile devices? Well, partially. But the real answer is economics: until recently, there were simply a lot more computers in the world than mobile devices. And considering the Microsoft OS has been around for over thirty years now – compared to less than a decade for Apple's iOS and Google's Android – hackers have had more time to become experts at their nefarious trade. But in 2018, there are certainly enough mobile devices to make a hacker's investment worthwhile, and ample time to figure out the vulnerabilities. Breaches will be bigger, hackers will be smarter, and IT security budgets will struggle to keep up. So don't be surprised if 2018 is the first year that malware goes mobile in a big way.
- State-sponsored attacks. By now it is commonly accepted that rogue nations – North Korea, Iran, Russia – are behind well-funded, well-orchestrated attempts to infiltrate commercial or government systems for extortion, disruption, or spying. With little in the way of a unified international response to these bad actors, one would be naïve to assume risks of these attacks would not increase in 2018.
- “Evil Twin” Wi-Fi Hotspots. An Evil Twin is a Wi-Fi hotspot set up by a cyber-criminal, meant to mimic a legitimate hotspot – perhaps a Starbucks that offers free Wi-Fi. These rogue hotspots look totally legitimate to the users, even replicating the valid network address (SSID) of the access point. Once a hacker lures victims into connecting to the Evil Twin, the hacker can then steal account names and passwords and redirect victims to malware sites, view the contents of files that are downloaded or uploaded, or steal personal information. Meanwhile victims have no idea they are being exploited. With the spread of Wi-Fi across the planet, we can be sure that these rogue access points will grow proportionally, making it essential for us all to ensure that we are protected when using public Wi-Fi.
The digital revolution has done a great deal to globalise commerce, putting nations and their people on common systems, and giving literally billions of people access to information and opportunities that didn't exist in the world of paper and pencil. But globalisation at this scale carries significant risks.
There are now billions of devices that can act as portals to computer systems across the world. So while 2018 will undoubtedly be another year of massive growth in data consumption by the mobile workforce, we can expect security breaches and malicious attacks to increase accordingly. Consequenty we must focus even more of enterprise and public-sector IT budgets on investments in additional security measures to ensure we can enjoy the benefits without as many of the risks.
Contributed by Gary Griffiths, president and CEO of iPass
*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.