Cyber Attacks Are Growing Ever More Sophisticated

Uploaded on 2016-12-29 in NEWS-Cybersecurity News, FREE TO VIEW


Details of cybersecurity breaches across government, education and industry sectors made headlines, repeatedly, over the past year, with no signs of slowing down. 

Yet despite the frequent incidence, 66 percent of companies report they are unprepared for a major cybersecurity attack, according to a national survey released in November by the Ponemon Institute.

In October, Yahoo reported that a breach believed to have occurred in 2014 affected as many as 500 million user accounts, one of the largest such breaches to date. On Oct. 21, cyber attackers took down the Internet for a large swath of the Eastern United States for most of the day, using a malware virus known as Mirai that attacks vulnerable Internet-connected devices such as web cameras, DVRs and routers.

High-profile cases make it clear, today’s cyber attackers are highly sophisticated. 

The bottom line is Simple

“Companies are going to need to invest in more technology to protect them from security threats,” said Brendan Jacobson, co-founder of NetGain Technologies. “It is just going to get worse.”

It’s not necessarily that the attack tools are getting smarter; it’s the manner in which they are being used. Malicious players don’t even have to be highly tech savvy, said Cody Shackelford, systems engineer with Data Strategy, which acquired Louisville-based boice.net this year.

Basic malware or ransomware packages are readily available on the black market or dark web, he said. Attackers today are succeeding by researching a target company or agency to determine a weak link, for example, a “socially engineered” phishing campaign with an email that looks like it came from and is written in the style of a regular communication partner, perhaps even a coworker.

Organisations can achieve very high levels of protection, though, by employing multiple levels of defense that screen all incoming digital traffic, that restrict anything that does get through to an individual work station, and especially that train workers in best practices for handling data, Shackelford said.

Cybersecurity best practices

Cybersecurity experts agree: The worst possible response to the increasing threat of cyber-attack is to assume you’re not at risk. “These attacks just keep happening over and over again. Businesses are very anxious, and even fearful,” said Scott Logan, technical director of security for NetGain Technologies Inc.

“For a long time, small businesses just didn’t feel like they were a big enough player to be worried about threats,” Logan said. “Their mindset was, ‘I’m not Chase Bank or Anthem,’ and they believed they didn’t have to worry about an attack. But now even small businesses have begun to realize that hackers are increasingly targeting smaller entities, on the assumption that they may be less secure and therefore easier targets.”

To shore up their defense against attack, businesses should first work with their IT or information security team to do a comprehensive risk assessment, Logan said. 

And while each firm’s cybersecurity approach will be specific to its own unique needs, experts did offer these general rules to consider.

  • Ensure baseline security is up-to-date. This includes use of anti-virus software; patching on servers, work stations and routers; implementing a sound backup system; use of firewalls; and “a layered security approach, where there’s multiple points to protect you,” said Joe Danaher, vice president of operations for Integrity IT, a Lexington-based IT and internet security firm.

If your current firewall system is more than five years old, consider investing in a newer one. New models include state-of-the-art intrusion detection prevention systems (IDPS) built in, which can help identify security threats at the perimeter, before they reach the network, Logan said.

  • Install end-point protections. In the past, “end points” (i.e., individual employee computer stations) typically received only a simple anti-virus install, Logan said. In today’s threat climate, that’s not enough.

“They need to have their own intrusion prevention system at that end point so that if it becomes infected, it can’t spread throughout the network,” Logan said. 

  • Update data routinely, locally and off-site. “Because the threats have increased so much, it’s important that you have a good, secure backup,” said Danaher. “Usually what you do, is a full back-up daily and then incrementals timed throughout the day, based on how much data you can stand to lose. Most customers still do an onsite backup, and it’s very important for disaster recovery to have an off-site backup as well,” he said.
  • Phishing emails can spread ransomware. In years past, bogus phishing emails were easy to spot. Not so today. Hackers have gotten increasingly sophisticated at mimicking the look of real emails from businesses, say a bank or credit card company, you routinely interact with. But if an employee clicks on an email containing malware at their work desk, without the proper safety in place, a virus can be unleashed on their company’s entire network system.

Ransomware, in which the hacker encrypts all your computer files and only provides the decryption key at a set ransom price, is on the rise, say experts.

“Phishing and spear-phishing, an email spoofing attack that targets a specific individual, continue to be the biggest threat we’re seeing,” said Greg Garcia, executive vice president of the Washington, DC-based Signal Group, who served as the nation’s first assistant secretary for cybersecurity under President George W. Bush from 2006-08. 

Invest in employee training

“You can spend a large portion of your company’s budget on security technology, and it can be made instantly ineffective by someone getting access to the environment through social engineering,” said Patrick Zanella, security practice lead with Lexington, Mass.-based Integration Partners.

In “social engineering” breaches, attackers email or call an employee or call into a call center and name-drop to sound as if their request for sensitive company information is legitimate.

“The end user, employee, is consistently the weakest link in the security chain,” Logan agreed. “And it’s simply because of this: End users are inherently designed and conditioned to help. They’re in a workplace where they are questioned about information they may or may not know, and they try to provide an answer.”

In March, for example, personal information for 700 current and former Snapchat employees was stolen when hackers posed as Snapchat CEO Evan Spiegel and tricked an employee into emailing them employee payroll data.

Have strong Protocols in place

Experts admit it’s impossible to calculate how cyber threats will continue to evolve, since new iterations come along so fast. (On average, 300,000 to 400,000 new malware files are uploaded on a daily basis, Zanella said.) That’s why developing a sound, holistic cyber security strategy is key.

Training the next generation

Another challenge facing cyber-safety advisors is the scarcity of trained cybersecurity workers nationally. It reports that there are currently more than 348,000 cybersecurity job openings across the nation.

Students studying cybersecurity through Northern Kentucky University’s information technology degree track or its business informatics degree track have no trouble finding jobs upon graduation, said Dr. James Walden, director of NKU’s Center for Information Security, which launched in 2014.

In their cybersecurity coursework at NKU, students learn to set up firewalls, VPNs (virtual private networks) and intrusion detection systems, among other skills. In computer forensics courses, students must investigate the memory of a compromised network system in order to determine what went wrong, Walden said. During their capstone class, many students conduct security assessments for area businesses. Some have even reverse-engineered malware.

“The students get a ridiculous number of job interviews when they finish,” Walden said. “It’s a great time to get into the cybersecurity field.”

Lane Report:                            Cybersecurity: A Personal Plan:
 

 

« France Launches a Cyber Warfare Division
Machines Versus Human Brains – Who Wins? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Virus Bulletin

Virus Bulletin

Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the global threat landscape.

CERT-SE

CERT-SE

CERT-SE is the national and governmental Computer Security Incident Response Team of Sweden.

Cradlepoint

Cradlepoint

With Cradlepoint customers leverage the speed and economics of wired and wireless Internet broadband for branch, mobile, and IoT networks while maintaining end-to-end visibility, security and control.

Ashley Page

Ashley Page

Ashley Page offer a unique cyber insurance and risk management solution - Cyber+Insure.

Tech Nation

Tech Nation

Tech Nation is the UK’s first national scaleup programme for the cyber security sector, aimed at ambitious tech companies ready for growth, at home and abroad.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Q-Net Security

Q-Net Security

Protect your critical networks. Q-Net Security make hardware that provides the strongest drop-in security for your existing critical infrastructure.

Censys

Censys

Our customers rely on Censys data to get the global visibility they need of their attack surfaces in order to proactively prevent nation-state attacks and emerging threats.

Athreon

Athreon

Athreon utilizes a fusion of AI technology, human interpretation, and the latest in cybersecurity to deliver sound business solutions that help our clients make better data-driven decisions.

Securosys

Securosys

Securosys is a technology company dedicated to securing data and communications. We develop, produce, and distribute hardware, software and services that protect and verify data and their transmission

Cubro Network Visibility

Cubro Network Visibility

Cubro network visibility solutions remove network monitoring ‘blind spots’ to provide enhanced visibility and control of all data transiting a company’s network.

GovernmentCIO

GovernmentCIO

GovernmentCIO was founded with a single purpose: to transform government IT. We are thought leaders in data analytics, machine learning, cybersecurity and IT transformation.

PKI Solutions

PKI Solutions

PKI Solutions offers Public Key Infrastructure (PKI) products, services, and training to help ensure the security of organizations now and in the future.

Qevlar AI

Qevlar AI

Qevlar AI empowers SOC teams, to eliminate redundant tasks and refocus on what truly matters - making the most of every employee within the SecOps team.

Anch.AI

Anch.AI

Anch.AI is an Ethical AI Governance platform that helps you comply with EU regulations and avoid risks and penalties when developing and using AI as part of your business.

Cyber Unicorns

Cyber Unicorns

Cyber Unicorns is a cyber security consultancy created to help drive cyber security outcomes in the small to medium-sized business space.