Apr 10, 2019 | Cybersecurity
Ransomware isn’t the only cyberthreat your business will face this year. Here are five emerging threats that leaders need to know about.
The cyberthreat landscape continues to evolve, with new threats emerging almost daily. The ability to track and prepare to face these threats can help security and risk management leaders improve their organization’s resilience and better support business goals.
The number of high-profile breaches and attacks making headlines has led business leaders to finally take cybersecurity seriously, said Sam Olyaei, senior principal and analyst at Gartner.
“Today, not only are business leaders and the business community understanding cybersecurity, they know it’s important to their business outcomes and objectives,” Olyaei said. “The problem is, there is still a lack of understanding as to why it’s important.”
Firms must work to bridge the gap between communicating the technical aspects of cybersecurity and the business outcomes, such as customer satisfaction, financial health, and reputation, Olyaei said.
Keeping track of new threats and not just established ones like ransomware is key for a strong security posture, said Josh Zelonis, senior analyst at Forrester.
“Whenever we develop our strategies for how we’re going to protect our organizations, it’s really easy to look at things that you’re familiar with, or that you have a good understanding of,” Zelonis said. “But if you’re not looking ahead, you’re building for the problems that already exist, and not setting yourself up for long-term success. And that is really the number one reason why you need to be looking ahead — to understand how attack techniques are evolving.”Bringing the Power of Lithium-Ion for IoT and Edge Computing Applications through APC Smart-UPSLi-Ion battery technology offers a host of benefits that make it an attractive and affordable option for a growing set of businesses reliant on distributed IT infrastructure.Sponsored by Schneider Electric
Here are five emerging cybersecurity threats that business, technology, and security leaders need to take seriously this year.
1. Cryptojacking
Ransomware has been one of the biggest threats impacting businesses in the past two years, exploiting basic vulnerabilities including lack of network segmentation and backups, Gartner’s Olyaei said.
Today, threat actors are employing the same variants of ransomware previously used to encrypt data to ransom an organization’s resources or systems to mine for cryptocurrency — a practice known as cryptojacking or cryptomining.
“These are strains of malware that are very similar to strains that different types of ransomware, like Petya and NotPetya, had in place, but instead it’s kind of running in the background silently mining for cryptocurrency,” Olyaei said.
The rise of cryptojacking means the argument that many SMB leaders used in the past — that their business was too small to be attacked — goes out the window, Olyaei said. “You still have computers, you still have resources, you still have applications,” he added. “And these application systems, computers, and resources can be used to mine for cryptocurrency. That’s one of the biggest threats that we see from that standpoint.”
2. Internet of Things (IoT) device threats
Companies are adding more and more devices to their infrastructures, said Forrester’s Zelonis. “Organizations are going and adding solutions like security cameras and smart container ships, and a lot of these devices don’t have how you’re going to manage them factored into the design of the products.”
Maintenance is often the last consideration when it comes to IoT, Zelonis said. Organizations that want to stay safe should require that all IoT devices be manageable and implement a process for updating them.
3. Geopolitical risks
More organizations are starting to consider where their products are based or implemented and where their data is stored, in terms of cybersecurity risks and regulations, Olyaei said.
“When you have regulations like GDPR and threat actors that emerge from nation states like Russia, China, North Korea, and Iran, more and more organizations are beginning to evaluate the intricacies of the security controls of their vendors and their suppliers,” Olyaei said. “They’re looking at geopolitical risk as a cyber risk, whereas in the past geopolitical was sort of a separate risk function, belonging in enterprise risk.”
If organizations do not consider location and geopolitical risk, those that store data in a third party or a nation state that is very sensitive will run the risk of threat actors or nation state resources being used against them, Olyaei said. “If you do that then you also impact the business outcome.”
4. Cross-site scripting
Organizations struggle to avoid cross-site scripting (XSS) attacks in the development cycle, Zelonis said. More than 21 percent of vulnerabilities identified by bug bounty programs are XSS areas, making them the leading vulnerability type, Forrester research found.
XSS attacks allow adversaries to use business websites to execute untrusted code in a victim’s browser, making it easy for a criminal to interact with a user and steal their cookie information used for authentication to hijack the site without any credentials, Forrester said.
Security teams often discount the severity of this attack, Zelonis said. But bug bounty programs can help identify XSS attacks and other weaknesses in your systems, he added.
5. Mobile malware
Mobile devices are increasingly a top attack target — a trend rooted in poor vulnerability management, according to Forrester. But the analyst firm said many organizations that try to deploy mobile device management (MDM) solutions find that privacy concerns limit adoption.
The biggest pain point in this space is the Android installed base, Zelonis said. “The Google developer site shows that the vast majority of Android devices in the world are running pretty old versions of Android,” he said. “And when you look at the motivations of a lot of IoT device manufacturers, it’s challenging to get them to continue to support devices and get timely patches, because then you’re getting back to mobile issues.”
Organizations should ensure employee access to an anti-malware solution, Forrester recommended. Even if it’s not managed by the organization, this will alleviate some security concerns.
Source: ZDNet
Author: Alison DeNisco Rayome
Mar 13, 2019 | Cybersecurity
Cybercrime, DDoS, IoT – what should you pay attention to next year?
1. Increase in crime, espionage and sabotage by rogue nation-states
With the ongoing failure of significant national, international or UN level response and repercussion, nation-state sponsored espionage, cyber-crime and sabotage will continue to expand. Clearly, most organisations are simply not structured to defend against such attacks, which will succeed in penetrating defences. Cybersecurity teams will need to rely on breach detection techniques.
2. GDPR – The pain still to come
The 25th of May, 2018 has come and gone, with many organizations breathing a sigh of relief that it was fairly painless. They’ve put security processes in progress and can say that they are en route to a secure situation – so everything is OK?
We are still awaiting the first big GDPR penalty. When it arrives, organizations are suddenly going to start looking seriously at what they really need to do. Facebook, BA, Cathay Pacific, etc. have suffered breaches recently, and will have different levels of corporate cost as a result, depending on which side of the May 25th deadline they sit. So GDPR will still have a big impact in 2019
3. Cloud insecurity – it’s your head on the block
Cloud insecurity grew in 2018 and, unfortunately, it will carry on growing even more in 2019. Increasing amounts of data are being deployed from disparate parts of organizations, with more and more of that data ending up unsecured.
Despite the continual publicity around repeated breaches, the majority of organizations do not have good housekeeping deployed and enforced across their whole data estate in the cloud. To give an idea of the scale, Skyhigh Networks research indicated that 7 percent of S3 buckets are publicly accessible and 35 percent are unencrypted.
4. Single factor password – the dark ages
As if we need the repetition, single-factor passwords are one of the simplest possible keys to the kingdom (helped by failure to manage network privileges once breached). Simple passwords are the key tool for attack vectors, from novice hackers right the way up to nation-state players. And yet they still remain the go-to security protection for the majority of organizations, despite the low cost and ease of deployment of multi-factor authentication solutions. Sadly, password theft and password-based breaches will persist as a daily occurrence in 2019.
5. Malware – protect or fail
Ransomware, crypto mining, banking Trojans and VPN filters are some of the key malware challenges that continue to threaten businesses and consumers. Live monitoring by Malwarebytes, Kaspersky and others, has shown that the mix of threats varies during the year, but the end result of malware threats will be a bad 2019.
Increasing sophistication will be seen in some areas such as ransomware, alongside new malware approaches and increased volumes of malware in other areas. Traditional AV will not provide sufficient protection. Solutions that have a direct malware focus are essential for organizations, alongside tracking of network activity (in and out of the network). With Cybersecurity Ventures predicting that ransomware damage costs will exceed $11.5 billion by 2019, it certainly won’t be going away. Oh yes, and make sure that your backup plan is working and tested.
6. Shift in attack vectors will drive cyber hygiene growth
The ongoing shift of attack vectors, from the network to the user, is causing a reappraisal of how to manage security. Driven partly by the shift in boardroom awareness, and partly by GDPR, many organizations are recognizing, perhaps belatedly, that their users are their weakest link.
Not only is there a greater awareness of the insider threat from malicious current and ex-staff, but there is also a growing recognition that staff cyber awareness and training is a crucial step in securing this vulnerable area. The response from organzations will take the form of cyber education, coupled with testing, measuring, and monitoring staff cyber behavior. Increasingly, Entity and User Behaviour Analytics (EUBA) systems will be adopted, alongside training programs and automated testing, such as simulated phishing and social engineering attacks.
7. IoT – the challenge will only increase
We’ve already seen some of the security challenges raised by IoT, but 2019 will significantly demonstrate the upward trend in this area. Driven by the convenience and benefits that IoT can deliver, the technology is being increasingly deployed by many organizations, with minimal thought by many as to the security risks and potential consequences.
Because some IoT deployments are well away from the main network areas, they have slipped in under the radar. In the absence of a standard, or indeed a perceived need for security, IoT will continue to be deployed, creating insecurity in areas that were previously secure. For the greatest percentage of IoT deployments, it is incredibly difficult or impossible to backfit security. This means that the failure to segment on the network will further exacerbate the challenges IoT will create in 2019 and beyond.
8. Increasing risks with shadow IT systems and bad housekeeping
Shadow IT systems continue to proliferate, as do the number of applications and access points into systems, including legacy applications. In the case of shadow IT systems, these are indefensible as they are; and in the case of increasing applications and access points, if they relate to old or abandoned applications, they are difficult to identify and defend.
In both cases, these are an easy attack surface with significant oversight, internal politics and budget challenges, and were previously seen as a lower priority for resolution. However, there has been both an increased awareness of the opportunity for attack via this route, and an increase in the number of attacks, which will accelerate in 2019.
9. DDoS – usually unseen, but still a nightmare
DDoS is the dirty secret for many organizations and attacks will continue to grow in 2019, alongside the cost of defending against them. Nevertheless, DDoS attacks aren’t generally newsworthy, unless a big name organization is involved, or the site is down for a long time. And, of course, the victim does not want to draw attention to their lack of defence. That’s not good for custom or for share prices.
The cost of launching an attack is comparatively low, often shockingly low, and the rewards are quick – the victim pays for it to go away. Additionally, cryptocurrencies have aided the money transfer in this scenario. Yet the cost for the victim is much higher than the ransom, as it involves system analysis, reconstruction and, naturally, defending against the next attack.
10. Cybersecurity in the boardroom
Advertisement
A decade, perhaps two decades, late for some organisations, cybersecurity is now considered a key business risk by the board. 2019 will see this trend accelerate as boards demand clarity and understanding in an area that was often devolved as a sub-component of the CISO’s role, and was not really a major topic for the boardroom. The financial, reputational and indeed C- Suite employment risks of cyber breach will continue to drive board focus on cybersecurity up the agenda.
Author: Ian Kilpatrick
Source: ITProPortal
