{"id":216,"date":"2015-02-06T03:00:54","date_gmt":"2015-02-06T11:00:54","guid":{"rendered":"https:\/\/www.ssls.com\/blog\/?p=216"},"modified":"2023-09-27T06:27:02","modified_gmt":"2023-09-27T13:27:02","slug":"cyber-security-2015","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/blog\/cyber-security-2015\/","title":{"rendered":"Cyber Security in&nbsp;2015"},"content":{"rendered":"<pre>No one was immune to the impact of cyber criminal activities in 2014. It will be remembered as the year of the <a title=\"heartbleed\" href=\"http:\/\/heartbleed.com\/\">Heartbleed bug<\/a> that caused a vulnerability in the popular OpenSSL cryptographic library; the <a href=\"http:\/\/googleonlinesecurity.blogspot.com\/2014\/10\/this-poodle-bites-exploiting-ssl-30.html\">Poodle attack<\/a> against outdated <a href=\"https:\/\/www.ssls.com\/blog\/why-ssl-alone-wont-secure-your-website\/\">SSL<\/a> 3.0; the sunset of the <a title=\"SHA-1\" href=\"https:\/\/www.ssls.com\/blog\/sunsetting-sha-1-moving-sha-2\/\">SHA-1<\/a> cryptographic algorithm, which was frequently affected by cyber attacks; and the Shellshock software bug.<\/pre>\n<p>Many e-commerce giants, popular smartphone applications, and government and health organizations were also actively attacked by hackers in 2014.<\/p>\n<p><!--more-->A vulnerability in the <a href=\"http:\/\/gizmodo.com\/great-hackers-can-use-snapchat-to-dos-attack-your-phon-1518858682\">Snapchat app<\/a> enabled criminals to steal 4.6 million usernames and phone numbers, as well as thousands of erased photos, using a third-party tool.<\/p>\n<p>Moreover, hackers attacked the retail giant Ebay and stole 233 million users\u2019 personal data, including usernames, passwords and contact details. Fortunately, no financial information was hacked, because it\u2019s <a href=\"https:\/\/www.ssls.com\/blog\/why-ssl-alone-wont-secure-your-website\/\">encrypted<\/a> and stored separately.<\/p>\n<h2>Real-Time Cyber Attack Trackers<\/h2>\n<p>There are several cool online services that make it possible to track world cyber attacks in real time. The most usable are:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.fireeye.com\/cyber-map\/threat-map.html\">Cyber threat map<\/a> by FireEye, a sample of global cyber threat data collected from two-way sharing customers during the past 30 days. However, the \u201cattacks today\u201d counter does not represent real-time data. Rather, it provides real, observed attack rates and then calculates attacks for the day based on local time.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/cyber-threat-map.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-224\" src=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/cyber-threat-map.png\" alt=\"Cyber threat map\" width=\"1130\" height=\"703\" srcset=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/cyber-threat-map.png 1130w, https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/cyber-threat-map-300x186.png 300w, https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/cyber-threat-map-1024x637.png 1024w\" sizes=\"auto, (max-width: 1130px) 100vw, 1130px\" \/><\/a><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><a href=\"http:\/\/labs.opendns.com\/global-network\/\">OpenDNS GlobalNetwork<\/a>, the world\u2019s largest security network, created by OpenDNS, the leading provider of network <a href=\"https:\/\/www.ssls.com\/blog\/why-ssl-alone-wont-secure-your-website\/\">security<\/a> and DNS services. The platform handles more than 50 billion of the world&#8217;s internet requests daily, in 196 countries.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/global_network.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-223\" src=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/global_network.png\" alt=\"OpenDNS GlobalNetwork\" width=\"871\" height=\"593\" srcset=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/global_network.png 871w, https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/global_network-300x204.png 300w\" sizes=\"auto, (max-width: 871px) 100vw, 871px\" \/><\/a><\/p>\n<ul>\n<li><a href=\"http:\/\/map.ipviking.com\/\">IPViking<\/a> by Norse Corp., a so-called hackers hunting map that represents real-time cyber attack data collected by IP Viking. It shows the exact coordinates and IP address of where an attack is going from, as well as which Norse system is under attack.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/iiiii_1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-228\" src=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/iiiii_1.png\" alt=\"IPViking\" width=\"1445\" height=\"900\" srcset=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/iiiii_1.png 1445w, https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/iiiii_1-300x186.png 300w, https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/02\/iiiii_1-1024x637.png 1024w\" sizes=\"auto, (max-width: 1445px) 100vw, 1445px\" \/><\/a><\/p>\n<h2>Top Security Threats Expected in 2015<\/h2>\n<p>Let\u2019s take a look ahead at 2015 and define how it will be in terms of cybersecurity:<\/p>\n<ul>\n<li><strong>The Insecurity of Things<\/strong> \u2013 The Internet of Things may be replaced with the Insecurity of Things in 2015. According to Robert Hansen, VP of WhiteHat Labs for <a href=\"https:\/\/www.whitehatsec.com\/\">WhiteHat Security<\/a>, &#8220;In previous years the Internet of Things was not a big deal, but we\u2019re seeing an increasing number of vulnerabilities in internet-capable devices, like TVs, home security systems, automation.\u201d<\/li>\n<li><strong>Advanced DDoS Attacks<\/strong> \u2013 According to the Annual Worldwide Infrastructure Security Report by <a href=\"http:\/\/www.arbornetworks.com\/news-and-events\/press-releases\/recent-press-releases\/5351-arbor-networks-10th-annual-worldwide-infrastructure-security-report-finds-50x-increase-in-ddos-attack-size-in-past-decade\">Arbor Networks<\/a>, the frequency of DDoS attacks nearly doubled in 2014, in comparison to 2013. Moreover, attacks continue to grow in volume, complexity, and frequency. For example, the largest DDoS attack reported in 2014 was 400 Gbps. Ten years ago, the largest reported attack was a mere 8Gbps.<\/li>\n<li><strong>Targeting the \u201cOne Percent\u201d<\/strong> \u2013 While cyber criminals may target a specific company or a government entity, they don\u2019t generally spend time targeting an individual because the potential financial payoff isn\u2019t worth their time. But wealthy consumers are the exception, said Coggeshall of LifeLock.<\/li>\n<li><strong>Sophisticated Point-of-Sale Attacks<\/strong> \u2013 The goal of point-of-sale (PoS) attacks is to steal digital payment information. Any software that allows users or administrators to remotely access or control machines that are involved in financial operations, or that interacts in any way with PoS systems, is vulnerable to cyber-attack and needs to be extra protected against cyber criminals. <a href=\"http:\/\/www.mcafee.com\/us\/resources\/reports\/rp-quarterly-threat-q3-2014.pdf\">McAfee Labs<\/a> expects that PoS attacks will grow in 2015, though some retailers in the US have begun deploying chip-and-pin cards and card readers, which may help alleviate some of the threat.<\/li>\n<li><strong>Ransomware Threat Transformation<\/strong> \u2013 Ransomware malware is a well-known type of scam that infects computers and restricts users\u2019 access to some kinds of stored data. A user may not unlock it before paying a hacker hundreds or even thousands of dollars. The FBI has taken active steps to neutralize some of the more significant ransomware scams. Experts believe that in 2015 hackers will try to attack cloud networks such as Dropbox and Google Drive.<\/li>\n<li><strong>The One-Time Password May Die<\/strong> \u2013 As we reported in a previous <a href=\"https:\/\/www.ssls.com\/blog\/death-password-infographic\/\">blog post<\/a>, Bill Gates predicted the death of the password ten years ago. In 2014 hackers managed to steal the passwords of numerous iCloud celebrities\u2019 accounts and to compromise the accounts of 76 million customers and seven million small businesses of JPMorgan Chase, one of the largest financial holding companies. These cyber-crimes show that passwords must be replaced with something more securable.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>No one was immune to the impact of cyber criminal activities in 2014. It will be remembered as the year of the Heartbleed bug that caused a vulnerability in the popular OpenSSL cryptographic library; the Poodle attack against outdated SSL 3.0; the sunset of the SHA-1 cryptographic algorithm, which was frequently affected by cyber attacks; [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[24],"class_list":["post-216","post","type-post","status-publish","format-standard","hentry","category-security","tag-security"],"_links":{"self":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/216","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/comments?post=216"}],"version-history":[{"count":13,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/216\/revisions"}],"predecessor-version":[{"id":2630,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/216\/revisions\/2630"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/media?parent=216"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/categories?post=216"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/tags?post=216"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}