Cybersecurity Vigilance Is Mandatory

The development of exploits designed to target the data and systems of individuals and organisations is at an all-time high: the number of unique variants is showing double-digit growth, and many of them are more advanced than ever. Constant vigilance against emerging threats has never been more necessary.
 
Here are four trends that security leaders need to be paying attention to over the third quarter of 2018:
 
Mobile Devices Remain a Target.
Over one-quarter of organisations experienced a mobile malware attack, with the majority being on the Android operating system. 
 
In fact, of the threats organisations faced from all attack vectors, 14% of total malware alerts were Android related. By comparison, only .000311% of threats were targeted at Apple iOS. Mobile threats are a looming risk that must be addressed, especially as the mobile-shopping holiday season nears. These threats can become a gateway for corporate networks to be exploited. Criminals know mobile is an accessible target for infiltrating a network, and they are exploiting it.
 
Cryptojacking is a Gateway to Other Attacks 
Cryptojacking remains prevalent and continues to grow in scope. The number of platforms affected by Cryptojacking jumped 38% and the number of unique signatures nearly doubled in the past year. These include new sophisticated platforms for advanced attackers as well as “as-a-service” platforms for novice criminals. Botnets are also increasingly leveraging Cryptojacking exploits for their attack strategy.
 
Although it is often considered to be a nuisance threat that simply hijacks unused CPU cycles, security leaders are realising how Cryptojacking can become a gateway for additional attacks. Underestimating the repercussions of Cryptojacking places an organisation under heightened risk.
 
Botnets
The number of days that a botnet infection was able to persist inside an organisation increased 34% from 7.6 days to 10.2 days, indicating that botnets are becoming more sophisticated, difficult to detect, and harder to remove. 
This is also the result of many organisations still failing to practice good cyber hygiene, including patching and updating vulnerable devices, and thoroughly scrubbing a network after an attack has been detected. Many sophisticated botnets go dormant after detection. If the root cause or “patient zero” is not located and removed, many botnets simply return once normal business operations resume.
 
Encrypted Traffic Reaches a New Threshold
Encrypted traffic now represents over 72% of all network traffic, up from 55% just one year ago. 
While encryption can certainly help protect data in motion as it moves between core, cloud, and endpoint environments, it also represents a real challenge for traditional security solutions. 
 
Critical firewall and IPS performance limitations in some legacy security solutions continue to prevent organisations from inspecting encrypted data. As a result, this traffic is increasingly not analysed for malicious activity, making it an ideal mechanism for criminals to spread malware or exfiltrate data.
 
Addressing the Challenge
In digital terms, eternal vigilance involves visibility and control. However, digital transformation efforts have restricted the visibility and fragmented the controls of many organisations.
 
To successfully address today’s challenges, IT teams need to rethink their security strategy, from implementing effective security hygiene measures to implementing an integrated security fabric architecture that can seamlessly span the entire expanding attack surface for unified visibility and the ability to orchestrate controls from a single console.
 
To that end, here are several corollary security strategies every organisation needs to consider when addressing the modern threat landscape:
 
Countering Advanced Threats. The evolution of the threat landscape requires a security transformation. This includes a shift from point security products, manual security management, and reactive security to a strategy where different security elements are integrated into a single system, security workflows can span multiple network ecosystems, and threat-intelligence is centrally collected and correlated. It also requires that advanced sandboxing be integrated across multiple security elements, enabling organisations to prevent and detect previously unknown threats regardless of where they appear.
 
Leverage Automation. As the speed of threats rapidly increases, the number of evasive techniques multiplies, and the time windows for prevention, detection, and remediation continue to shrink, automation is pivotal. At the same time, organizations require a security platform in which each of the different elements communicates with the others in real time.
 
Combatting Cryptojacking. Security leaders must realize that the threat of Cryptojacking is more than just the degradation of performance and computing workloads and the theft of expensive cloud computing resources. Because it can involve defenses being taken down, Cryptojacking raises the risk of data theft and operational outages for IT and OT infrastructures. Infection is also an indication that larger security issues exist.
 
One essential approach to combatting Cryptojacking involves maintaining a comprehensive inventory of devices (especially IoT devices) across your network and baselining behavior. With this information in hand, you’re able to monitor for aberrant behavior that may reflect Cryptojacking activity.
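
As an added illustration (not from the original article or any vendor product), the inventory-and-baseline approach described above can be sketched as follows. The device names, the CPU samples, the choice of CPU utilisation as the baselined signal, and the thresholds are all constructed assumptions.

```python
from statistics import median

# Constructed inventory: device id -> CPU utilisation (%) samples from a
# known-good baseline window. Names and values are illustrative only.
INVENTORY = {
    "cam-lobby-01": [4, 5, 6, 5, 4, 5, 6, 5],
    "hvac-ctrl-02": [10, 12, 11, 9, 10, 11, 12, 10],
    "pos-till-07": [20, 35, 30, 25, 22, 33, 28, 24],
}

# Constructed observations from a later monitoring window.
OBSERVED = {
    "cam-lobby-01": [5, 6, 88, 91, 90, 89],    # sustained load on a camera
    "hvac-ctrl-02": [11, 45, 10, 12, 11, 10],  # one isolated spike
    "pos-till-07": [30, 40, 38, 29, 33, 27],   # busy but within its norm
    "unknown-aa:bb": [70, 72, 71, 73, 70, 74], # never inventoried
}

def build_baseline(samples):
    """Return (median, MAD); both are robust to occasional outliers."""
    med = median(samples)
    mad = median(abs(s - med) for s in samples)
    return med, max(mad, 1.0)  # floor the MAD so flat baselines ignore noise

def robust_z(value, baseline):
    """Deviation from the baseline in MAD-scaled standard deviations."""
    med, mad = baseline
    return (value - med) / (1.4826 * mad)

def review(observations, inventory=INVENTORY, threshold=6.0, min_run=3):
    """Flag devices missing from the inventory and devices whose CPU stays
    far above their own baseline for min_run consecutive samples."""
    findings = {}
    for device, series in observations.items():
        if device not in inventory:
            findings[device] = "not-in-inventory"
            continue
        base = build_baseline(inventory[device])
        run = longest = 0
        for value in series:
            run = run + 1 if robust_z(value, base) > threshold else 0
            longest = max(longest, run)
        findings[device] = "sustained-high-cpu" if longest >= min_run else "normal"
    return findings

if __name__ == "__main__":
    for device, verdict in review(OBSERVED).items():
        print(f"{device}: {verdict}")
```

Requiring a run of consecutive outliers separates the sustained load typical of mining from a single spike, and comparing each device against its own baseline keeps a normally busy device from being flagged.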
 
Know When to Detect Threats. The haystack of traffic is much larger during workdays, and thus it is harder to pinpoint threats. But as the volume of traffic shrinks over the weekend and holidays, it is much easier to find those malicious needles. To that end, organizations need to ensure they have 24/7 security and network operations that enable them to search for and find needles in the much smaller haystack of non-operating hours.

Mobile Threats. The total number of company-owned mobile devices in use increased 2.5% from 2017 to 2018. This doesn’t include the expanding volume of personally owned mobile devices connected to networks as a result of the 72% of organisations that have a BYOD-friendly policy.
 
Because cybercriminals understand that mobile is an easy target for infiltrating a network, security leaders need to ensure they have the appropriate controls in place to protect against those devices, especially at their wireless access points.
This requires that wireless access points and mobile security services be fully integrated into next-generation firewalls, combined with automated threat-intelligence sharing between them and your broader set of security elements. Establishing visibility and controlling access to your network using a third-generation Network Access Control solution is also critical.
 
Summing Up
Cybersecurity challenges continue to grow, and organizations in the midst of digital transformation efforts are especially vulnerable. As the holiday season approaches and more and more consumers are online, cybercriminal efforts are expected to accelerate. Retailers and others offering omni-channel experiences to their customers need to pay particular heed to their wireless access points, which can easily and quickly be exploited by criminals. These sorts of threat vectors are especially concerning as they can become a gateway for your corporate network to be exploited.
 
With more attack vectors being successfully targeted by cybercriminals, doing more of the same when it comes to security is a proven losing strategy. 
 
Organisations need to become hypervigilant about security, or they will forfeit their ability to compete in today’s digital marketplace because they will become victims of the increasingly effective and ruthless cybercriminal community.
 
CSO
 