Every 10th company has become a victim of a ransomware virus

In the past year, the problem of cybersecurity has become especially relevant. Encryption viruses that disable banks, factories and large state-owned companies have made everyone realize how serious the issue of information security is. The new federal law N 187-FZ “On the security of the critical information infrastructure of the Russian Federation” only emphasizes the need and importance of protecting each system.

Experts in the field of information security spoke about the results of 2017. In addition to shocking facts, experts shared good news: in the past year, many previously unknown vulnerabilities were found and eliminated, which attackers had not yet had time to exploit. For example, an issue was discovered in the protection of Intel processors, which allows you to take full control of the platform.

The number of companies that experienced APT attacks in 2017 almost doubled. According to an expert assessment by Positive Technologies, every 10th organization has encountered encryption viruses. At the same time, the average period for detecting a system hack is 172 days in the West and almost 3 years in Russia.

In 2017, billions of “cryptodollars” were stolen

By the end of the year, bitcoin was ahead of the Russian ruble in terms of capitalization, and hackers concentrated their attention on blockchain projects. The most popular attack scheme was the search for a vulnerability on the ICO website and the substitution of the wallet address to collect investments. Often the victims of the attackers did not even suspect that they had been hacked. For example, the Israeli CoinDash lost $7.5 million in this way.

Secret mining has become especially popular: Positive Technologies experts found hundreds of computers in large companies that mined cryptocurrency for unknown hackers.

The Rise of the Machines is here

Victims in 2017 were not only lovers of virtual currency, but also owners of smart devices. Hackers have begun using unsecured devices like smart coffee machines to shut down petrochemical plants. And with the help of “smart” aquariums, attackers have learned to attack casinos.

Mobile networks will abandon the Diameter protocol

Critical vulnerabilities in mobile networks have been discovered that can cost human lives. With their help, you can hack self-driving cars and deprive such cars of controllability. Positive Technologies experts drew the attention of mobile operators to the insecurity of the Diameter protocol, due to which it was decided to abandon this protocol in the next generation 5G networks and replace it with an alternative.

The main trend of the outgoing year was the complication of attacks from a technological point of view. Sad as it may seem, but attackers keep up with science: hackers are already actively using artificial intelligence, neural networks and machine learning principles to create and spread viruses. However, this is a tool for both sides – not only viruses are being improved, but also ways to eliminate them.

Forecasts for 2018

The response to the increasing complexity of attacks has been a growing interest in building Security Monitoring Centers (SOCs). Already in 2017, about 10 companies started creating their SOCs, and in 2018 this number will triple. GosSOPKA and the requirements of Law N 187-FZ do not guarantee that the system cannot be hacked, but this will cut off 90% of primitive attacks and concentrate on high-level problems.

Due to the growing popularity of cryptocurrencies, web wallets and applications of blockchain projects will be at risk in the new year: sooner or later they will be hacked through phishing.

The basis of the security of any system is the observance of simple protection rules. Install the latest security updates, use strong passwords and two-factor authentication – in most cases this is enough to avoid ransomware and infection of the system.

We must not forget about “personal hygiene” in the field of information security

In conclusion, we can say that progress does not stand still. No matter how high-tech security systems are, they are not perfect. Attackers always find a way to bypass protection, and the only question is how quickly they do it. An important task of cybersecurity is not only the solution of existing problems, but also the search for still unknown vulnerabilities and their elimination. However, many troubles can be avoided if you always remember about “personal hygiene” in the field of information security.

Read also:
How to protect data transmitted over the network and avoid spying from sites
How to secure your Gmail mail?