Cyber attackers have an abundance of opportunities to steal or modify data and disrupt business services – and their playground grows bigger and more diverse every day as the world becomes increasingly more digital.
Going into 2016, a number of new attack targets are expected to be in the headlines, drawing everyone’s attention to the lack of privacy and security in our interconnected world.
While data breaches are common news today, below are the top hacks that are likely to affect your life in a variety of ways in 2016.
>See also: The scariest cyber threat of all? How hackers are hijacking planes
1. Fantasy sports
There’s big money in fantasy sports. According to the Fantasy Sports Trade Association, Americans spend about $15 billion playing fantasy sports. That’s about 32 million Americans each spending $467.
Consider that each of those 32 million Americans also provide their name, address, email address, billing and/or credit card information, and you’re also looking at a truckload of customer data that could turn a reasonable profit on the black market.
Fantasy sports have not been immune to security threats. About two years ago application security testing firm NT OBJECTives discovered a vulnerability in Yahoo’s Fantasy Football mobile app. If exploited, attackers could change team lineups and post imposter comments on message boards.
More recently, a DraftKings employee admitted to accidentally posting confidential data, which led to accusations of insider trading. This type of activity is likely to reoccur, if not in the realm of fantasy sports than perhaps in the world of financial trading, where traders trade in other accounts so they don’t get caught.
At any rate, hackers will no doubt target one of the leading fantasy sports sites – FanDuel or DraftKings – in 2016. Attackers will be looking to steal customer data or manipulate results to win big pools, which can total hundreds of thousands of dollars.
2. Presidential candidate
Four years is a long time when it comes to technological innovation. Consider social networks: CIO reports that candidates in the 2016 U.S. presidential election use more social networks than politicians of the past.
No one could’ve guessed in 2012 that Facebook and Twitter would be joined by the likes of Snapchat, Pinterest and Instagram as mainstream social networks. And there’s no telling what digital technologies will impact future presidential campaigns.
However, one thing is for certain: with every campaign, more of the candidates’ personal information is online. In 2016, at least one candidate is likely to get hacked.
But that’s not all. The unveiling of confidential or private information will change the course of the election. With so much personal data available, extortion and blackmail-type schemes are likely to increase in 2016 as well.
3. Planes, trains and automobiles
In July 2015, software engineers Charlie Miller and Chris Valasek demonstrated how they could remotely exploit a zero-day vulnerability to send commands through a Jeep Cherokee’s entertainment system to its dashboard functions, steering, brakes and transmission.
To make matters worse, automobile manufacturers aren’t being forthright about hacker and privacy threats as a result of connected systems. Not only will we see more proof-of-concept scenarios in the coming year, but hackers will be looking to target major transport manufacturers, with serious implications for personal safety.
4. Drones
With drones becoming more widely available, they are also tipped to play a role in next year’s hacking activities. Researchers are already at work building software that can be loaded onto a drone and can penetrate consumer devices and networks, as well as enterprise networks.
It won’t take long before an attacker uses this software (one system is already available on GitHub) to conduct a large-scale cyber attack. Healthcare and government organisations will be prime targets because of the type and value of information they hold. Alternatively, attackers will begin to target the drones themselves to achieve remote control.
5. Major sporting event
The World Cup, Summer Olympics or Super Bowl 50 – one of these major sporting events will likely be a cyber event in 2016. It’s not too difficult to imagine a nation state tampering with Olympic timing machines, for example, to help its athletes win in a split-second race, or hackers tampering with scores to win large bets. Such an attack could have a significant impact on international politics as well as the popular culture associated with the event.
>See also: 6 critical steps for responding to a cyber attack
Even as these new attacks take front-and-centre stage in the coming year, organisations will continue to see activity from tried-and-true attacks that are still going strong. For example, banking trojans and spear phishing continue to be effective campaigns.
There will also continue to be activity from Nuclear, which has been around since 2011 and remains the most successful exploit kit available. Attackers continue to use SQL injection attacks as well to put malware on small websites as a repository.
It is more important than ever that going into the New Year both companies and individuals take great care to protect themselves.
Sourced from Stephen Newman, CTO, Damballa