A Review of 2016 in Cyber Security

A Review of 2016 in Cyber Security

Levels of cyber attacks increased in 2016, making it a busy year for cyber security workers, but what were the main observations we can take from the year?

Vulnerabilities identified

Microsoft, in its report ‘2016 Trends in Micro Security’ said that 41.8% of all cyber vulnerability reports are rated as ‘highly severe’. Cyber criminals exploit these software vulnerabilities to launch attacks.

This highlights the need for software publishers to quickly develop patches as vulnerabilities are revealed, and for IT managers to install them as soon as they are released.

High-profile cyber attacks

In 2016, a number of major breaches reared their heads. Perhaps the most publicised ones were connected with the US presidential campaign.

Democrat Party private emails, including those from and to Hillary Clinton and campaign chairman John Podesta, were hacked and released on WikiLeaks.

The CIA found evidence that hackers from Russia linked to the Kremlin were behind cyber attacks intended to damage Clinton’s campaign and favour new U.S. President Donald Trump.

Another high-profile incident was the Denial of Service (DoS) attacks on Dyn. Dyn is a hosting provider that arranges services for well-known websites including Twitter, Reddit and Spotify. The number of DoS attacks reached 1.2 Tbps.

Java attacks down, Flash Player attacks up

Last year, attackers shifted their attention from Java vulnerabilities to attacks via Adobe’s Flash Player.

Java exploitation used to be the favourite form of cyber-attack, but 2016 saw attacks via Java decrease. This is mainly due to the way browsers handle Java applets, and means that cyber security personnel might consider moving Java down the priority list.

Flash Player objects, meanwhile, appeared on 90% of malicious webpages. Some organisations have disabled Flash on their browsers, deeming it outdated. Organisations using Flash need to make sure that they keep up with the tool’s security updates.

Enterprise computer malware decreased

Thanks to greater proactive measures by cyber security personal, the chances of enterprise computers being affected by malware decreased in 2016. Consumer computers are now more likely to be affected by malware than enterprise ones.

Exploit kits responsible for 40% of common exploits in 2016

Exploit kits, collections of exploits sold as bundles on hacker forums and other non-legal outlets, are stored on webpages, from which they can download malware that infects computers. Security workers need to understand the workings of these kits in order to guard against them, since two out of five exploits were down to them last year.

Almost half of vulnerabilities are in applications

Many cyber security teams make sure that they protect operating systems and web browsers, but 2016 highlighted the need to also focus on applications. These count for a hefty 44.2% of vulnerabilities.

Trojan incidents show sizeable increase

The number of Trojan malware incidents increased by 57% in 2016. Trojans pretend to be documents or images, but install malware on a computer when a user tries to open them. The challenge to security personnel is to prevent workers from opening dubious documents and image email attachments.

A busy year ahead

As we all expected, 2016 was a busy period for cyber criminals and provided many challenges for cyber security personnel. There is no sign that 2017 will show any let-up for both cyber attackers and cyber defenders, meaning we all need to stay on the ball.

Our accreditations & Partners

  • REC Member
  • VTC - Virtual Technology Cluster
  • Bloom Nepro
  • YPO
  • Crown Commerical Service
  • Disability Confident
  • ISO 9001
  • Armed Force Covenant
  • Cyber Essentials Plus
  • ISO 27001

Thanks

Success

Thanks

Success

Thank you for signing up to the acumin alerts.

Send CV

Send us your CV and have our recruiters match you to the ideal opportunities

Do you already have an account with us?

Log in

Want to have an account with us?

Register

Want to just send us your CV?

Upload only doc, docx, odt, pdf format file.

By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.

Password reset

If you need a reminder for your password, fill out the field below

Log in

Access your account to edit your contact details, job alerts or to upload a new CV

Thank you

Success

Thank you for successfully uploading your CV.

Acumin Alerts

Success

Thanks for registering for Acumin alerts.

Acumin Alerts

Unfortunately your CV could not be uploaded

Please make sure your CV is one of the following file types: doc, docx, odt, pdf, rtf

Acumin Spam

Unfortunately your submission has been declared spam. Please try again.

Vacancy

Success

Thank you for submitting your vacancy.

Register

Create an account to register your contact details, sign up for job alerts and upload your CV

Success

Thanks for registering for Acumin alerts. To get the most out of Acumin's service why not register with us?

Upload only doc, docx, odt, pdf format file.
- Practitioner
- Commercial

I agree to the terms and conditions and to be contacted by recruiters:

I agree to receive marketing communications relevant to my job search:

I agree to receive Jobs By Email for the following professions:
- Business Continuity Management
- Counter Fraud
- Cyber Security
- Executive Management
- Governance & Compliance
- Information Security & Risk Management
- Penetration Testing & Digital Forensics
- Sales and Marketing
- Sales Engineering
- Security Management
- Technical Security
- Information/Risk Assurance
- Identity Management
- Application Security
- Security Architecture
- Dev/Sec Ops
- DV & SC Cleared Jobs
- Programme & Project Management
- CISO/CSO

Submit a Vacancy

Use the form below to submit a vacancy