PricewaterhouseCoopers recently published their 2016 Global State of Information Security Survey, which shows that security incidents increased by 38% between 2014 and 2015, and the theft of intellectual property rose by 58%. Hackers are continually refining their tactics, and traditional methods of protection are often ineffective. The rapid rise of these attacks can also be considered as an indication that cybercriminals are getting what they want, mainly recognition and easy monetary reward.
Trends like cloud computing, data analytics and virtualisation have greatly expanded the use of technology and data, thereby increasing exposure to attack. Every company is now a potential target, regardless of industry or size. A startup in Perth is just as likely to be targeted as a Silicon Valley corporation.
The PricewaterhouseCoopers survey also showed that 69% of respondents are now using cloud-based security services to safeguard privacy and protect sensitive data. They are entrusting a broad range of services to the cloud, including authentication, access management, and real-time monitoring and analytics.
When an attack is successful, the potential damage can be severe and widespread. As attacks become more prevalent, Australian businesses must invest in a coordinated and holistic approach to threat mitigation. Vulnerabilities in your infrastructure can compromise your assets, your finances and your professional reputation, as well as putting your employees at risk.
Fortunately, there are ways to protect your organisation. The first step is to recognise the primary threats, understand how they arise, and develop a strong plan to defend your business and contend with the aftermath of an attack. IT security should be prioritised as a key component of your 2016-2017 business plan.
This article presents some of the biggest cybersecurity risks of 2016 and explains how to build a strong defence against the most common attacks.
1. A weak cybersecurity policy & corporate culture
Modern organisations cannot afford to neglect cyber security. In the same way that companies seek external expertise for financial and legal matters, they should also engage with the experts available to them, such as managed service providers.
A strong cyber security policy must identify internal and external threats, as well as risks associated with vendors and third parties. But cyber security risks don’t arise through technology alone. Human psychology also plays a major role, and people are often the weakest link in your security chain. Your corporate culture greatly influences the way security is perceived by your employees, and it’s important for your staff to be able to identify and respond effectively to phishing and social engineering attacks.
Being prepared also means having a thorough recovery plan to minimise damage if an attack does get through, and to ensure that your systems are back up and running as quickly as possible. Extreme measures, like powering down network segments or disconnecting specific hardware from the network, may be required to isolate an attack.
2. Insecure Passwords
It sounds like a basic measure. However, with the volume of online accounts increasing exponentially over recent years, weak passwords continue to present one of the main security risks. Easily guessed character strings like ‘123456’ and ‘qwerty’ remain the most commonly used passwords year after year, because users have difficulty remembering more complex codes. For the same reason, most companies also don’t enforce regular password changes, even though staff are generally recommended to change passwords every 3 months for maximum protection. This policy should ideally be prepared by the person responsible for IT and reinforced by administration staff.
For now, password management tools can be a solution to this problem, enabling you to store dozens of strong and unique passwords for multiple accounts, while you only need to remember a single password for the management tool itself.
And over the coming years, it’s likely that simple passwords will be phased out in favour of multi-factor authentication. Firms like Apple and Google are already incorporating fingerprint scanning and SMS confirmation into their technology platforms, and Australian businesses that adopt these practices will also benefit from superior protection.
3. Bring Your Own Device (BYOD)
As companies strive to offer more flexible employee working conditions, many have adopted a Bring Your Own Device policy. However, this strategy can flood your network with unsecured devices, opening many pathways for unauthorised access.
According to a 2014 Global Security Survey by Dell, 93% of organisations permit the use of personal devices for work-related purposes, and 31% of employees access their employer’s network using personal devices. 24% of organisations said misuse of mobile devices had already resulted in security breaches.
Over 20% of survey respondents said infection from untrusted public Wi-Fi access is one of their top-three cybersecurity concerns. With the rise of mobility and remote access, companies must invest time and resources into a solid BYOD policy, and Mobile Device Management (MDM) solutions are highly recommended.
A strong policy combined with a good MDM solution will help your business enforce measures such as encryption for data-in-transit (laptops, USBs, etc.) and enable mobile security features, such as remote wipe and PIN codes.
4. Polymorphic Malware
Malware is constantly evolving. The polymorphic nature of the latest viruses, worms, Trojans and spyware makes it difficult to detect their presence using traditional antivirus tools. Out-of-date software is especially vulnerable, with web browser and Adobe Flash exploits leading to a large number of attacks. It’s essential to continually upgrade software to the latest version, and patch vulnerabilities in applications like Flash and Java.
Ransomware is a particularly unpleasant form of malware that first encrypts files on your system, and then demands a ransom be paid in order to regain access to your critical data. The ransom is normally paid through Bitcoin, or via a MoneyGram to untraceable prepaid cards. For a detailed guide to ransomware, refer to our earlier article.
A Trend Micro report about ransomware stated: “During the first six months of 2016, we discovered a total of 79 new ransomware families—a figure that eclipsed the number of ransomware families we detected for 2015. Our discovery also marks a 172% increase in ransomware families for the first half of 2016.”
5. The Internet of Things
The Internet of Things refers to the interconnection of physical devices like home appliances, vehicles and buildings to the Internet. Every conceivable market, from transport to healthcare and energy, is becoming increasingly integrated. But this efficiency and convenience comes at a price. The IoT presents unprecedented security challenges due to the sheer number of connected devices.
While credit card theft is nothing new, the rise of contactless and mobile payments has already opened up new opportunities for hackers, especially when retailers don’t store customer data securely. Consider how much greater this threat becomes when almost every electronic device you possess is connected to the Internet. Smart watches, smartphones, wearable technology, medical hardware – even your fridge. The potential risks are endless.
6. New methods of malware propagation
It’s important to be aware of the new ways hackers are attacking businesses, using means other than email or spam. During the first half of 2016, some attacks were reported on computers that run a remote desktop control application or terminal services. When these systems are affected, the result can be significant disruption for a company.
In this case, the ransomware is installed directly by the attacker, who brute forces weak passwords at organisations that run remote desktop and targets the areas that corporations are not paying attention to or are neglecting to protect.
As mentioned in point 2, even though it sounds basic, it’s crucial for organisations to have a strong password policy, especially against attacks that arrive by means other than email or spam. This won’t solve 100% of the problem; however, it’s the first gate to keep intruders away from your business.
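The password-guessing pattern described in this section can be spotted in logon records. The following is an added example, not code from the original article: it counts failed logons per source address in a sliding window and notes when a success follows. The simplified record layout, the threshold and the window are assumptions; 4625 and 4624 are the Windows Security log event IDs for failed and successful logons.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real logs): time, event ID, source IP, account.
SAMPLE = """\
2016-08-01T02:10:01 4625 203.0.113.7 administrator
2016-08-01T02:10:03 4625 203.0.113.7 administrator
2016-08-01T02:10:05 4625 203.0.113.7 admin
2016-08-01T02:10:08 4625 203.0.113.7 reception
2016-08-01T02:10:11 4625 203.0.113.7 reception
2016-08-01T02:10:15 4624 203.0.113.7 reception
2016-08-01T08:59:40 4625 198.51.100.20 jsmith
2016-08-01T09:00:02 4624 198.51.100.20 jsmith
"""

def detect_bruteforce(text, threshold=5, window=timedelta(minutes=5)):
    """Return {source_ip: finding} for sources that reach `threshold` failed
    logons inside `window`; the finding records a success that followed."""
    recent = defaultdict(deque)      # source -> timestamps of recent failures
    findings = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, event_id, src, user = line.split()
        when = datetime.fromisoformat(ts)
        failures = recent[src]
        # Forget failures that have aged out of the window.
        while failures and when - failures[0] > window:
            failures.popleft()
        if event_id == "4625":
            failures.append(when)
            if len(failures) >= threshold and src not in findings:
                findings[src] = {"alerted_at": ts, "compromised_account": None}
        elif event_id == "4624" and src in findings:
            # A success from a source already flagged for guessing is the
            # case to escalate: the account's password was probably found.
            if findings[src]["compromised_account"] is None:
                findings[src]["compromised_account"] = user
    return findings

if __name__ == "__main__":
    for src, finding in detect_bruteforce(SAMPLE).items():
        print(src, finding)
```

A single mistyped password followed by a success, as in the second source address of the sample, does not trigger a finding.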
7. Spread of BEC scams
You probably don’t know them by their name, but you have most likely been targeted by one. The Trend Micro report about ransomware in 2016 explains very clearly what they are:
“Business Email Compromise (BEC) schemes are scam tactics which compromise business accounts in order to facilitate an unauthorized fund transfer. Most of the time, attackers behind BEC scams impersonate people who have access to a company’s finances—may it be a company’s CEO, managing director, CFO, or even financial controller. Based on our monitoring from January 2016, we observed that BEC scams often targeted CFOs more than any other position in a company. Once attackers had picked someone of authority to spoof, their next move would involve tricking their victims to permit a fund transfer to serve as payment for an invoice or perhaps a legal settlement.”
At Bremmar, we have identified that in 2016, most of our clients have been targeted more than once by these scams. Because the scammer uses your company’s actual domain and an executive’s name to request a payment, the emails are not stopped by antispam solutions; they look legitimate, and different methods are required to verify their authenticity.
With this type of attack, the first and most important advice we give clients is employee education and awareness, combined, of course, with good security solutions.
We usually know firsthand when these attacks are happening and targeting organisations, so we send notifications to clients for them to be alert!
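One way to triage messages of the kind described in this section, shown as an added example that is not code from the original article or from Bremmar: it reads the headers of a message and lists reasons to verify a payment request by another channel. The company domain, the executive name list and the keyword list are assumptions, and the sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"     # assumption: your organisation's mail domain
EXECUTIVES = {"jane citizen"}      # assumption: display names of finance approvers
PAYMENT = re.compile(r"\b(invoice|transfer|payment|settlement)\b", re.I)

def _domain(address):
    return address.rpartition("@")[2].lower()

def bec_indicators(raw_message):
    """Return a list of reasons a message deserves out-of-band verification."""
    msg = message_from_string(raw_message)
    name, sender = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    auth = msg.get("Authentication-Results", "")
    reasons = []
    # Own domain in From, but the receiving server recorded a DMARC failure.
    if _domain(sender) == COMPANY_DOMAIN and re.search(r"\bdmarc=fail\b", auth):
        reasons.append("own-domain sender failed DMARC")
    # Executive's name attached to an address outside the company.
    if name.lower() in EXECUTIVES and _domain(sender) != COMPANY_DOMAIN:
        reasons.append("executive name on external address")
    # Replies would be routed away from the apparent sender.
    if reply_to and _domain(reply_to) != _domain(sender):
        reasons.append("Reply-To leaves sender domain")
    text = msg.get("Subject", "") + "\n" + msg.get_payload()
    if reasons and PAYMENT.search(text):
        reasons.append("payment request")
    return reasons

# Constructed sample messages (not real mail).
SPOOFED = """\
From: "Jane Citizen" <jane.citizen@example.com>
Reply-To: jane.citizen@example-payments.test
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=example.com; dmarc=fail header.from=example.com
Subject: Urgent

Please transfer the funds for the attached invoice today.
"""
GENUINE = """\
From: "Jane Citizen" <jane.citizen@example.com>
Authentication-Results: mx.example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
Subject: Invoice approved

The invoice from last week is approved.
"""

if __name__ == "__main__":
    print(bec_indicators(SPOOFED))
    print(bec_indicators(GENUINE))
```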
8. Cyber espionage
Cyber espionage has become a powerful weapon used by unscrupulous organisations and governments to gather intelligence and disrupt their adversaries. Corrupt nation states and terrorist groups are increasingly using cyber warfare to further their agendas.
It’s critically important to understand who might be interested in attacking your business, as well as their resources and motives. But the odds are still in the attacker’s favour. They only need one successful attack to severely damage your organisation. On the other hand, you need to stop every attack.
Data segmentation is one approach to mitigate the risk, so that if an attack does penetrate your defences, the hacker is restricted to a limited subset of your data. Some corporations are even creating fake servers and fake data to lure attacks into unimportant segments of the network. If hackers are forced to expend energy analysing worthless data, they may turn their attention towards easier prey.
Protecting digital assets is a challenging task. Enterprise networks have evolved to include customers, partners, suppliers and remote workers. Mobile devices are diverse and widespread. Meanwhile, cyber security teams face constraints on funding, resources and skills. And with the imminent arrival of nanotechnology and biometrics, the threats to your organisation will only intensify.
Unpatched servers are an easy way in for hackers, so regularly patching or updating software is a must. There are solutions, like MDM, that can help you protect data on mobile devices. Security policies are essential; businesses can’t afford not to invest in them.
While educating employees about cyber risks and creating awareness of the matter is one of the most important steps in IT security, a multilayered security strategy should also be in place to prevent attackers from infiltrating networks and endpoints and corrupting business-critical files and data.
If you’d like further advice or assistance to help safeguard your business in this increasingly hazardous digital landscape, then contact Bremmar today on 1300 991 351 or email firstname.lastname@example.org.