Cyber-Threats in 2016

Here’s Where the Danger Lurks

Banks, companies, governments and private individuals – they were all affected by cyber-threats in 2016. The DDoS attacks launched from devices belonging to the Internet of Things were particularly concerning. The attacks on the website of the journalist Brian Krebs at 620 gigabits per second, on OVH at one terabit per second and on Dyn at 1.2 terabits per second set new records. In this article, we sum up the biggest cyber-threats of 2016 and explain what we can learn from them for 2017.

DDoS attacks

DDoS attacks were among the top cyber-threats in 2016. In a denial of service, one component in a data network (e.g. a server) becomes overloaded and therefore blocks the whole system. If a large number of systems cause the overload, this frequently indicates that an attack is under way, which is called a distributed denial of service (DDoS). The record DDoS attack on the DNS provider Dyn allowed conclusions to be drawn about how it was carried out. It appears that the attackers linked devices belonging to the Internet of Things to form a botnet. This huge network of "slave" devices such as IP cameras, baby monitors, refrigerators and coffee machines – all of them hooked up to the Internet and each with its own significant security vulnerabilities – gave the hackers almost unimaginable resources. This was enough to take down Dyn, and with it even prestigious companies like Amazon, Airbnb or PayPal. Supposedly, the hacktivist groups Anonymous and New World Hackers used the attack as revenge for the Internet exile of WikiLeaks founder Julian Assange. Soon afterwards, the following message was posted on the WikiLeaks Twitter account: "Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point."

Internet of Things

The release of the Mirai malware at the start of October took the spiraling threat posed by attacks to a new level. This software scans devices belonging to the Internet of Things for weak passwords and incorporates the devices into a botnet. The risks posed by security vulnerabilities in simple devices were neglected for a long time. For instance, Verizon wrote in its 2015 Data Breach Investigations Report: “Don’t waste your time worrying about mobile and IoT when it comes to data protection priorities.” Verizon claimed that malware is more prevalent on other platforms than on mobile devices, and that the focus should be placed on the at-risk areas. Moreover, the reports concentrate mainly on companies that are looking to protect their data. But what can consumers do if their coffee machine brews a hot beverage at 7 am, the fridge asks about milk supplies at 7:10 am, and they then join forces five minutes later to unleash an attack on a company? Might companies therefore be exposed to the risks lurking in IoT devices? Yes! The Federal Office for Information Security in Germany (BSI) warned in its report The State of IT Security in Germany 2016, released at the start of November, that IoT devices could indeed be manipulated in botnet attacks.


An attack at the end of November took down almost a million routers in Germany. A breach in the security protocol was exploited to load malware onto the routers. Later on, experts assessed the attack to be quite shoddily executed, as it failed to achieve its actual goal. The purpose had been to draw the routers into a botnet so that they could be used in future attacks. But the problem was solved merely by restarting the affected devices. Nevertheless, several German politicians used the attack to call for new legislation, demanding that the industrial sector show a greater appreciation of responsibility and quality in the development of its software. The import of cheap and poorly programmed technology from China was also criticized. Interior Minister Thomas de Maizière proposed setting up a “rapid response team”, while Telekom CEO Timotheus Höttges suggested upping the ante by creating a "Cyber NATO".

Android Devices

The future goals of the black hat hacker community are clear, namely to enslave as many devices as possible. There are now fears, especially since the "Trident" vulnerability was discovered in iOS devices, that a similar weakness could also be identified in their Android counterparts. The malware Pegasus teams up with Trident to sniff out high-value target devices and is able to exfiltrate everything from calls and e-mails to encrypted app data. It would be disastrous if hackers were to acquire similar capabilities for Android devices. Over 1.4 billion devices worldwide use Android. Unauthorized access to even a fraction of this number would allow hackers to carry out DDoS attacks at over 30 terabits per second. What’s more, DDoS attacks could even be expanded to target mobile network providers. Companies urgently need to draw up emergency plans for such situations and to ensure they are adequately protected.

At a glance

To show you why IT security is such a big issue, we have summarized the biggest cyber-attacks of 2016 and their outcomes:

[Figure: Top 5 Cyber-Attacks in 2016, source: SoftwareONE]

Protect your IT against Cyber-Attacks!

Let us take a look at your security infrastructure to secure your company and protect it from considerable losses. Are you looking for someone with profound knowledge of all the technologies of the major IT security vendors? Contact our Managed Security team to find the right security solution and be prepared for upcoming cyber-threats!

Blog Editorial Team
