2017 – Anticipate and prepare, Part 1

By Natasja Bolton, Senior Acquirer Support QSA


Steps to protect small businesses from this year’s security threats


This week we explore some of the security threats and cyber-attacks expected to feature in 2017.  As these risks could impact your small business customers we highlight actions that businesses can take to protect themselves, so that you can share with them these proactive, preventive measures.


1. More of the same – exploitation of known vulnerabilities and attack paths

It is worth remembering that the data breach methods and malware exploits seen in 2016 will endure as long as attackers and opportunists remain able to use well-known vulnerabilities and already established techniques to successfully compromise businesses.


Many small businesses have still not taken the simplest of steps to protect themselves. They often use out-of-support software and don’t patch their systems quickly enough (if at all). Small businesses are often unaware of, or choose to ignore, the fact that their users are their weakest link.


What can businesses do to protect themselves?

Adhering to good security practices is a challenge for many small businesses but remains the best defence. Taking steps to address basic security measures helps to make sure they cannot be easily exploited – attackers will move on to ‘lower hanging fruit’.


Those simple steps include:


  • Maintain systems: Regularly patch and update operating systems, software and applications
  • Control access to systems: Manage accounts and logins so that someone is accountable for their use, remove all unused accounts and make sure all default or pre-set passwords have been changed
  • Raise security awareness: Use simple methods such as posters, memos or emailed notices to let staff know of attack methods, such as social engineering phone calls or spear phishing emails, that they may encounter and to instil good response behaviours

For further guidance, review our article ‘Cybercrime is increasing – Preventative steps for businesses’ and the guidance in the PCI SSC’s Small Merchant Guide to Safe Payments.


2. Password breaches and Password Re-Use Attacks

Password-related breaches featured heavily in 2016, affecting organisations such as Yahoo (500 million user details stolen) and Dropbox (68 million passwords), and this trend is expected to continue this year. Security experts’ concerns for 2017 focus on the likely ongoing success of secondary password re-use attacks after the hacked repositories of customer accounts and passwords were found being offered for sale on the dark web.


One expected positive outcome from any password-related breaches in 2017 is that they will raise awareness and help to change the behaviour of the millions who habitually re-use the same password. Often a single password is shared across personal and work-related platforms. 2017 will also be the year when businesses recognise the dangers and inadequacies of static passwords for user authentication and access control.


What can businesses do to protect themselves?

In light of last year’s password-related attacks, it is recommended that businesses take the following steps:


  • Raise awareness of good password practices: Use simple methods such as posters, memos or emailed notices to raise user awareness of the dangers of poor password practices and to instil more secure behaviours. These include:
    • Avoid password re-use: By using unique passwords for each business-related account and login, entirely separate from passwords for personal use
    • Change business-related passwords regularly: At least every three months
    • Always choose strong passwords: One that has at least seven characters and contains both alphabetic and numeric characters
    • Keep passwords confidential: Don’t share passwords with others
  • Make sure third party vendors or IT support providers use unique authentication credentials for access to each of their customers
  • Limit remote access to the business’ network and systems: Only grant remote access for authorised personnel and only to the specific systems and information required for them to do the work needed
  • Implement multi-factor authentication: For all remote access and for non-console system administration.  Multi-factor authentication requires the remote individual to present two entirely separate forms of authentication before access is granted
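The password rules listed above (at least seven characters, both alphabetic and numeric characters, no re-use of an earlier password, and a change at least every three months) written out as a small account-side checker. This is an added example, not code from the original article or from Sysnet; the salted PBKDF2 hashing of the password history, the history depth of five and the ISO-format date strings are assumptions of the example.

```python
import hashlib
import hmac
import os
from datetime import date, timedelta

MIN_LENGTH = 7        # article's rule: at least seven characters
MAX_AGE_DAYS = 90     # article's rule: change at least every three months
HISTORY_SIZE = 5      # assumption: how many previous passwords are remembered


def check_strength(password):
    """Return a list of policy failures; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("fewer than %d characters" % MIN_LENGTH)
    if not any(c.isalpha() for c in password):
        problems.append("no alphabetic characters")
    if not any(c.isdigit() for c in password):
        problems.append("no numeric characters")
    return problems


def hash_password(password, salt):
    # Salted PBKDF2 so the stored history never contains cleartext passwords
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


class PasswordHistory:
    """Per-account record used to refuse re-use and to flag stale passwords."""

    def __init__(self):
        self.salt = os.urandom(16)
        self.entries = []  # list of (hash, date_set), newest last

    def is_reused(self, password):
        candidate = hash_password(password, self.salt)
        # constant-time comparison against every remembered hash
        return any(hmac.compare_digest(candidate, h) for h, _ in self.entries)

    def set_password(self, password, when):
        """Apply the policy; returns [] on success or the list of failures."""
        failures = check_strength(password)
        if self.is_reused(password):
            failures.append("password was used before")
        if failures:
            return failures
        self.entries.append((hash_password(password, self.salt), date.fromisoformat(when)))
        self.entries = self.entries[-HISTORY_SIZE:]
        return []

    def is_expired(self, today):
        """True when no password is set or the current one is older than MAX_AGE_DAYS."""
        if not self.entries:
            return True
        return (date.fromisoformat(today) - self.entries[-1][1]) > timedelta(days=MAX_AGE_DAYS)
```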


3. Commoditisation of cybercrime

Industry experts and cyber security researchers expect the volume of cyber-attacks to increase in 2017 as hackers and cyber-criminals continue and extend their offerings of ‘Crime as a Service’.  The burgeoning availability of tools and exploit kits will continue to allow traditional criminals to enter the cybercrime arena.


These tools are easy to use, affordable and scalable, letting non-computer experts launch already proven automated attacks to potentially devastating effect.


As we discussed in a previous article, small and medium businesses often do not consider that they could be targeted by cybercrime. Many are unprepared and poorly protected as they do not realise or appreciate that they don’t need to be deliberately targeted to experience a data breach. Any exploitable vulnerabilities that the business hasn’t addressed could be found by these automated tools.


What can businesses do to protect themselves?

Follow the preventative steps outlined in our article ‘Cybercrime is increasing – Preventative steps for businesses’. In summary:


  • Data inventory and risk to the data: Identify data, understand its value to the business and how it is protected
  • Educate staff: Make sure staff know the rules for all types and sensitivities of data, common security risks and the secure use of company devices and systems
  • Ensure senior management understand the cybercrime risk and its potential impact: Senior management need to understand cybercrime to help make sure the business is prepared
  • Secure internet-facing systems: Protect valuable data with multiple, different layers of protection
  • Monitor new threats and how they affect you: Be aware of the latest threats and criminal trends to keep ahead in all aspects of security
  • Test your defences: Test periodically to verify the effectiveness of external defences
  • What will you do if you suffer a data breach or get targeted: Have an incident response plan (IRP) in place to help the business react quickly in the event of an attack


4. Ransomware

Ransomware is a topic we discussed many times last year.

Security researchers report that, since 2013, there has been a year-on-year doubling of capabilities, with over a hundred new ransomware variants appearing in 2016. Ransomware attacks are a successful and highly profitable criminal business model.


Unlike most forms of crime, ransomware generates direct revenue for the criminal; there’s no need for complex money laundering or ‘cashing out’.  The threat from ransomware is therefore expected to expand and evolve in 2017.


What can businesses do to protect themselves?

Follow the guidance given in our previous articles:




Next steps

In part 2 of this article we’ll examine other risks that are expected to cause an impact in 2017 (email scams, Internet of Things attacks and mobile device threats), highlighting actions that your business customers can take to protect themselves. If you have a query about this article or wish to learn more about how Sysnet can assist your organisation and your customers, request a callback or email info@sysnetgs.com.


Read part two here:


2017 – Anticipate and prepare, Part 2