By all means, 2015 has certainly been an interesting year in cyber security. There have been a lot of incidents that made headlines, news that had people inside and outside the industry talking security, as well as breakthroughs in the field. Despite the bad breaks, there are still some other developments for which we're grateful this Thanksgiving.
With the rise of improved payment systems, cashless payments are expected to result in fewer cases of fraud. The liability shift back in October, which mandates that US merchants shift to more secure chip-enabled EMV credit cards, should significantly reduce fraudulent transactions for lost or stolen cards.
In 2013, Target suffered one of the biggest data breaches in history, caused by PoS RAM scraper malware. The switch to EMV simply makes it more difficult for cybercriminals to manufacture counterfeit credit cards with stolen data, while improved authentication systems can also prevent the use of stolen or copied cards. This should give holiday shoppers one less thing to worry about swiping their cards this shopping season.
We have seen an increased amount of collaborative work between private companies, security organizations, as well as law enforcement this year. The collaborative efforts resulted in the capture of several cybercriminals, and creating forums where all three can discuss movements that can further develop laws that ensure fair use of technology, as well as limitations.
Several years ago, corporations preferred to handle security issue themselves, and law enforcement wasn’t equipped to take on cybercriminals. But now, it’s no longer surprising to see all three working together to take down major threats and wanted cybercriminals.
Internet Explorer has always been a favoured target for those who want to exploit vulnerabilities. Last year, over 200 memory corruption vulnerabilities were disclosed and patched. For the newly released OS, long time users of IE said goodbye to the browser as Microsoft rolled out Microsoft Edge, a new browser with significant improvements. The most notable change is the MemGC feature, which uses mark-and-sweep garbage collection to defeat use-after-free (UAF) exploits, a recurring problem for IE.
This could push browser devs to put more effort in making sure that users are given more protection against web-based threats.
Better laws protecting the general welfare of companies and their customers are being pushed and implemented this year. One such law was EU Data Protection Law, which was implemented in 28 European member states earlier this year. The major inclusions of this law includes provisions defining personal data, sanctions for breaches, the right to be forgotten, and more. One important aspect of the EU Data Protection Law is a regulation dictating that companies that experienced data breach must notify the public about the incident within 24 hours after the breach. This can help customers become more pro-active in protecting their data and react to the incident faster, as opposed to being kept in the dark while their data gets tampered or sold.
MR. ROBOT was easily one of the best shows during the fall season in the U.S. The show is by far the most genuine portrayal of cybercriminals and their actions. Unlike most Hollywood hacker movies or hacker episodes, the series showcases what it’s like to know what cybercriminals do, as well as the adverse effects of their activities. It also shows how people are the weakest link in security.
Writer and director Sam Esmail captures what it’s like behind a cyber security agency, as well as the damage caused by cybercriminal activity. It shows people how some cybercriminal methods, such as social engineering, is done and used in an operation. Ultimately, the show's popularity and the light it sheds on cybercriminal activities—albeit fictional—can raise general awareness on the importance of cyber security.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.