All it takes is a vulnerability in a vendor's POS system code (say, for a startup like Square) to cause more of a massive hack that penetrates into multiple retail operations all at once. Cowperthwaite says there is a trend with about six or seven major retailers getting compromised in recent years. The POS hole is not getting plugged, and it could mean more widespread attacks are coming.
5. Mobile device ransoms
One of the most unusual security threats has nothing to do with open source cryptography or cloud encryption. According to Troy Hunt, a security expert for the tech training portal Pluralsight, a new problem could arise for large companies that is even more serious than Heartbleed or Shellshock: hackers stealing a client device like an iPhone or an Android tablet, then holding the device (and the data) ransom for a large sum.
He says the issue has already become a major threat in countries like Australia for consumers where a thief demands a $100 (around £55) payment. Depending on the importance of the data on the stolen device, he says the ransom amounts could be more astronomical – and there's little recourse to resolve the problem.
6. Android attacks
One of the most likely attacks in the enterprise arena pertains to the Android operating system – carried by millions and millions of smartphones and tablets (and even a desktop all-in-one from HP called the Slate) in use all over the world. Many of these gadgets make it into corporate settings, and that makes them more attractive to hackers who want to steal data and spy on large companies.
"Due to the high segmentation of the Android market, over 95% of all mobile malware is on Android," says Benjamin Caudill, a Principal Consultant at Rhino Security Labs. "While attacks on your phone don't seem any different than those on your PC (which we've seen for years), infecting a mobile device allows it to be activated remotely, tracking your location and listening to your conversations."
