4. Mobile Malware
Security experts have been banging the drum about the threat of mobile malware for years. The fact that it hasn't yet materialized in a major attack has eroded the credibility of the claims, though, which means many users don't take it seriously and have let their guard down. The sheer volume of mobile devices, and the prevalence of new mobile malware threats only increase the likelihood that a major mobile malware attack will happen. Will 2015 finally be the year?
Kaspersky's Bermingham said, "As consumers and businesses shift to using mobile devices for a greater percentage of their daily activities, cybercriminals will place a larger emphasis on targeting these platforms — specifically Android and jail-broken IOS devices. Remote find, lock and wipe aren't enough."
5. Third-party Attacks
Cybercriminals generally take the path of least resistance, and they've learned that contractors and other third-party providers can provide an opening into otherwise-secured corporate networks. Major data breaches at retailers like Target and Home Depot occurred because attackers were able to obtain valid network credentials from trusted, third-party providers, and just walk right in.
This vulnerability extends far beyond corporations, though. Steve Durbin, managing director of the Information Security Forum, stresses that everyone needs to consider who has been entrusted to connect to or access sensitive information, and whether those entities or individuals have appropriate security measures in place.
This list is by no means comprehensive or conclusive. The very nature of innovative exploits means that we may be caught off guard by a completely new attack. And you may not be able to do much, personally, to prevent third-party attacks or DDoS attacks. But you can keep all of your hardware, software and services updated, and employ security controls to defend against attacks. There is no substitute for awareness and common sense.
Sign up for MIS Asia eNewsletters.