Hollywood’s Oscar nominations are out. Cybercrime has its own Oscar nominations—and they’re real nightmares for industries under the hacker lights. The script plots are simple, focus on the industries that can give the highest payouts, and don’t worry about who gets hurt.
Five industries need to be on particular security alert this year. Grab the popcorn and check out cybercrimes' “Best High Payout Oscar Nomination Picks” for 2018.
Healthcare
Ransomware extortion attempts in the healthcare industry continue to take top billing. It’s insidious because it can, and has, shut down whole systems and put patient care in danger. Other rising bad actors in healthcare are wiper malware or ransomware viruses ‘masquerading’ as ransomware—destroying total networks, data, and service capabilities.
“Ransomware will continue to be a threat and evolve, not to just encrypt data, but also to blackmailing data owners based on the content of the data,” says National Health Information Sharing and Analysis Center President, Denise Anderson.
Financial services
There’s plenty of ‘dramatic action’ here as financial services firms pit their ramped-up security sophistication against cybercriminals targeting their investment records, personal savings information, tax records, and other sensitive information. The latest threat is the ‘online wallet’, offering hackers multiple entry points for cyber attacks.
Already this year, the National Cash Register Company (NCR) has sent an advisory to its customers saying it has received reports from the Secret Service and other sources about ‘jackpotting’ hacks against ATMs in the United States. Jackpotting is done by installing malicious software and/or hardware at ATMs that forces the machines to give hackers large amounts of cash on demand. Jackpotting started in Europe and Asia and made its debut in early January here in the U.S.
Businesses
Cybercrime in business operations and online commerce is a ‘cautionary tale’ for any business owner who hasn’t taken security precautions. Half of all cyberattacks will be focused on small to midsize businesses in 2018.
Hackers have ‘cast’ small businesses as easier cash targets because they often lack adequate cyber defenses. Payment from ransomware attacks is almost assured. Stolen information can be used for fraud, identity theft, or access to larger enterprises and more massive breach opportunities.
Hackers count on users making ‘bloopers’ like falling for phishing attacks that will allow a large amount of private information to be sold on the Dark Web. It’s ‘dark comedy’ for hackers. Managed security service providers (MSSP) are working hard to make sure they get the last laugh!
Government Agencies
Movies are good at creating allusions. Often the unintended allusion created about government agencies is that they have unlimited resources for cybersecurity. Yet, they are often the least funded, making them a prime target for hackers.
One of the most despicable threats is the one aimed at children. In Columbia Falls, Montana a “series of ominous text messages escalated into violent, graphic cyber threats targeting the valley’s schools, students and families,” the Flathead Beacon reported in October of 2017. The threats forced the closure of more than 30 schools for three days.
The U.S. Department of Education is warning school districts nationwide to beef up their cybersecurity in response. Tina Rodrique, senior advisor for cybersecurity in the DPI’s Federal Student Aid Office, said the ransom demands relied “on the threat of releasing sensitive data from student records. In some cases, this included threats of violence and shaming or bullying of children unless payment was received.”
Beyond education entities, government bodies have the largest reservoir of personal data on citizens, including healthcare and tax information. These agencies have multiple options for hacker access and the exploitation can filter into our cities and rural communities. In movie terms, this is a film reel best kept on the cutting room floor!
Transportation
Smart airports, e-enabled aircraft, automated/driverless trains, connected vehicles, and self-driving cars—sound like a director’s action flick dream! Industry research shows the development of operation technologies is so fast the impact is just being felt now in the transportation sector—and it’s presenting huge problems.
According to a recent report, poor cybersecurity is being applied to or implemented within transportation operation technologies and control systems—including critical functions like engine and control flight control, electronic positioning systems, chart displays, and navigation systems within aircraft and ships. Most unsettling, many of these systems are using ‘commercial off-the-shelf software’ and are internet-connected through Wi-Fi and cellular networks.
By now, you’re probably choking on the popcorn!
Just remember most great Oscar-winning movies end with the ‘good guys’ overpowering the evildoers. There’s no doubt a great battle is being waged in cyberspace and once again, good will overcome evil. Managed security service providers wield their ‘security swords’ every day—and around the clock. It may be time to give an MSSP an audition.
