Nader Henein Strategic Security & Privacy Leader and Dedicated Data Scientist, CISSP during an interview at the Al Manzil Hotel Downtown Dubai. Photo: A.K Kallouche/Gulf News

Dubai: The Internet of Things (IoT) will be one of the key flashpoints in cybersecurity this year, according to Nader Henein, Regional Director of BlackBerry’s Advanced Security Assurance Advisory, the company’s cybersecurity consultancy division.

IoT generally refers to devices that can be networked across the internet.

“Poorly secured IoT devices, such as webcams, can be used by hackers in two ways: firstly as a Trojan horse, or an entry point, to gain access to your home computer network, and secondly as a weapon, along with thousands of other devices across the IoT universe, in Distributed Denial of Service (DDoS) attacks against nations and large companies,” said Henein, a data scientist and cybersecurity expert.

Once entry is gained into an individual’s devices through this “Trojan horse”, hackers can steal data and then take it hostage — only returning it once a ransom payment has been made. This is termed “ransomware,” and Henein expects to see more of it in 2017.

Just last week, 27,000 users of database MongoDB were faced with a message telling them to contact a specific email address and provide 0.2 BTC, roughly equivalent to $220 (Dh807), if they wanted their data returned.

Quick money

Ransomware has now become the most profitable type of malware in history, and it is an easy way for hackers to make quick money.

“It’s a complete mess. Some big analysts have said that ransomware will decline in 2017. I categorically disagree,” said Henein.

Historically, ransomware has been directed at businesses. Henein thinks that this year will see a shift towards attacks against consumers, due to poorly secured IoT devices.

“People’s televisions are now connected to the internet, but they aren’t secured in the same way a computer is. They will be easy points of access for attackers.”

BlackBerry formally launched its cybersecurity consulting division in February 2016. On Tuesday it was named by market researcher Cybersecurity Ventures as ranking in the top 10 per cent of global cybersecurity companies.

Factbox: Europe gets (really) tough on data protection

A trend Nader Henein, Regional Director of BlackBerry’s Advanced Security Assurance Advisory, believes will define the cybersecurity and information protection world this year will be legislation.

The General Data Protection Regulation (GDPR), set to come into force in May 2018, will have huge consequences for companies around the world.

Any firm headquartered in Europe that manages information on the behalf of customers will be legally required to disclose breaches within 72 hours, whilst the maximum penalty for a loss of data will be €2 billion (Dh7.7 billion, $2.1 billion).

The limit of fines in current European legislation, EU 95/46/EC, is $100,000 per incident.

“Big banks have been working on this for the past five years. It is absolutely critical that they are ready. This legislation will impact all business around the world, including in the Middle East, that are headquartered in Europe.”

“‘GDPR compliant’ will be as common to hear as other golden standards in credit card security or fire safety, and will force companies to become a lot more transparent than they currently are.”