The malware that hijacks computers and asks for a ransom in exchange for his release will not be the only headache technology in the coming year, according to Trend Micro.

The ransomware has been protagonist in 2017, with attacks sounded like WannaCry. This attack came to cause 300,000 infections that resulted in losses of more than 4,000 million dollars, according to the security company Trend Micro, which recommended that companies strengthen their security plans to combat this malware that hijacks computers to ask for a ransom in exchange for his release, which includes educating workers on good practices. And is that “the ransomware will remain a threat particularly striking during the next year,” says the security firm.

But it will not be the only technological threat that will bring problems to the organizations throughout 2018. Trend Micro counted until eleven potential problems.

in Addition to ransomware, another useful resource for cybercriminals will be the attacks BEC or Business e-Mail Compromise, which once more put the human component in the centre of the controversy, as the weakest link in the chain of protection. And is that “any employee can receive sophisticated e-mail messages look legitimate”, recognized experts, and to fall into the trap. This leads to Trend Micro to target as a threat over the “lack of awareness and training of employees”, the only thing that does is create “open spaces through which hackers can exploit and undermine the company”. It is difficult to combat the ransomware, the attacks BEC, the techniques of phishing and the social engineering if the professionals who work for the company that becomes the target of cybercriminals are not aware of their responsibility in matters of security.

on the other hand, would have to pay special attention to the threats and gaps that affect the supply chain, because they have the ability to stop the activity of the business and put at risk a company and its suppliers or partners. This domino effect is also seen in the attached devices that are part of the internet of things or IoT, for example, within the so-called smart factories in the environment of an industrial nature. “The next year it is estimated that using more than a million robots connected in this capacity, and it is imperative that any organisation that uses connected devices to ensure that they are properly protected”, says Trend Micro, which apostille: “whether in industrial environments or in any other”. The danger of this type of threats is high because of “have the potential to affect not only one, but multiple companies and their customers”.

In fifth place is the Crime-as-a-Service or, what is the same, the crime-as-a-service, which serves offenders supporters to carry out attacks without having some knowledge too extensive in this area. Just buy the tools and use them. In this sense, the exploit kits will continue to exist. “The attackers will continue creating and selling kits that will allow even the cyber-criminal most novice, violates confidential data”, says Trend Micro. And, as is happening at the present time, the mobile threat give you quite a few headaches as a great attack vector for a hacker. This has to do with the popularity of the smartphone in general, but also with the permissiveness of some companies to their workers to use mobile terminals personal for tasks corporate.

For the next course is expected to a sophistication of new threats, as they develop and vulnerándose bugs before developers and security specialists to react and solve them. But we should not rule out the use of old vulnerabilities, which “continue to thwart the security efforts of businesses”, according to analyzes Trend Micro. “Although no doubt there will arise new threats, weaknesses and strategies of attack of the hackers will remain the same as they have been using for months, and even years”, because you don’t always apply the patches urgent and necessary software updates in the organizations. “This leaves significant security holes that ciberatacantes take advantage”, deplores Trend Micro.

Ensure alignment with the regulations is another point to keep in mind, because new standards such as the General Regulation of Data Protection in the European Union that will begin in 2018 “they will also have an impact on the security efforts as companies work to ensure that their systems and strategies to provide protection and also comply with the standards of the industry,”, expected to Trend Micro. Companies that did not adapt in time to this european regulation will face problems, such as sanctions in the millions. Finally, there will be “keeping up with the expectations of the board”, that sometimes expects more than what your IT team is able to offer. “The gap between the expectations of the board of directors and the functions of the IT team is called to become one of the main threats in 2018,”, he concludes by Trend Micro.