The Cyber Security Landscape: A Frightening Picture

Uploaded on 2017-02-21 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A recent report by the Institute for Critical Infrastructure Technology (ICIT), a cyber security think tank that acts as a conduit between the private sector, US federal agencies and the legislative community, paints a frightening picture of the information security landscape.

The study, Rise of the Machines: The Dyn Attack Was Just a Practice Run, published in December 2016, shows just how vulnerable organisations are to the latest attack vectors. Corporate as well as government security executives need to understand what they’re up against when it comes to threats such as distributed denial of service (DDoS).

“The perfect storm is brewing that will pummel our nation’s public and private critical infrastructures with wave upon wave of devastating cyber-attacks,” the report notes. “The Mirai malware offers malicious cyber actors an asymmetric quantum leap in capability; not because of sophistication or any innovative DDoS code, rather it offers a powerful development platform that can be optimized and customised according to the desired outcome of a layered attack by an unsophisticated adversary.”

Script kiddies and cyber-criminal gangs are already drastically expanding their control over vulnerable Internet of Things (IoT) devices, which can be contracted in DDoS-for-Hire services by a virtually unlimited number of actors for use in an infinite variation of layered attack methods, the study says.

The brunt of the vulnerabilities on the Internet and in IoT devices rest with DNS, ISPs and IoT device manufacturers, “who negligently avoid incorporating security-by-design into their systems because they have not yet been economically incentivised and they instead choose to pass the risk and the impact onto unsuspecting end-users,” the report says. As a result of this, IoT botnets continue to grow and evolve.

As the adversarial landscape including nation state and mercenary bad actors, hacktivists, cyber-criminal gangs, script kiddies, and others continues to evolve, public and private data, intellectual property, and critical infrastructure continues to be pilfered and disrupted, ICIT says. The sectors at greatest risk for attacks include financial services, healthcare and energy.

The ICIT report presents a number of recommendations for organisations as they struggle to defend against the growing number of attacks. One is to develop actionable incident response plans. The key to an organisation’s survival in an increasingly hostile threat landscape is preparedness and forethought.

“At the moment, organisations have few technical options to mitigate DDoS aside from anti-DDoS service, endpoint security, and filtering rules,” ICIT says. “Instead, organisations can improve their security posture by developing an actionable and practiced incident response plan or standard operating procedure (SOP) for their personnel to follow in the event of an attack.” These plans ensure a chain of communication and command, and preclude short-term actions that could harm the organisation in the long-term.

Another step is to develop penetration tested IoT software and hardware featuring security-by-design. “Mirai demonstrates that rapidly developed or negligently developed IoT software and hardware can and will be leveraged for malicious purposes,” the report notes. “If IoT botnets are to be diminished and weakened in the future, IoT software and hardware must be developed with security-by-design.”

Device manufacturers do not include security-by-design due to lack of time, expertise and economic incentive. While some IoT and mobile software is developed in the US, most is developed or adapted abroad.

“Despite the possibility of regulatory measures from the United States and other nations, there is a strong likelihood that these constraints and the resulting manufacturer behaviors will remain unchanged,” ICIT says. “Rather than impose additional constraints on developers that will impact their already narrow profit margins, the cyber security community can build initiatives that promote the open source development and testing of IoT software.”

Training and policy are also critical. DDoS attacks are often distractions in multi-tiered cyber-attacks, in which the attacker aims to weaken network defenses or divert critical resources away from another attack vector while establishing persistent presence on the network, ICIT says. In other cases, botnets are used to deliver ransomware and other malware onto network systems.

Cyber security controls and basic training can greatly limit the number of network assets susceptible to botnet infection, the group says. This includes training on how to ignore social engineering lures, policies enforcing hardened system authentication controls at every interface, defensive measures against compromised certificates, reliance on data execution prevention and data loss prevention services, and other essential cyber security controls.

Finally, organisations need to begin holding device manufacturers accountable for security flaws. Mirai and other malware that infect IoT devices are designed to exploit weak security, default credentials, and hard-coded credentials and settings, ICIT says. Some manufacturers have begun to require complex credentials to be created upon activation of devices, while many others continue to distribute devices whose default or hard-coded credentials leave the devices vulnerable to infection.

Government contractors and private sector companies have the ability to refuse to engage with manufacturers that do not incorporate security by design into devices, ICIT says.

BusinesInsights:

How Cyber Attacks Will Get Worse In 2017:         Critical Cybersecurity Protocols To Implement:

 

« Indian Police Training To Crackdown On Electronic Fraud
GoggleBox: Moderate Screen Use 'Boosts Teen Wellbeing' »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Global Knowledge Training

Global Knowledge Training

Global Knowledge is a worldwide leader in IT and business training, featuring Cisco, Microsoft, VMware, IBM, security, cloud computing, and project management.

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN) is a not for profit group of professionals in the field of Information Security in Nigeria and Diaspora.

Progress Flowmon

Progress Flowmon

Progress Flowmon (formerly Flowmon Networks) provide high performance network monitoring technology and behavior analytics to enhance network performance and deal with cyber threats.

Zivver

Zivver

Zivver is the effortless, secure email platform, powering the next generation of secure communications.

Deep Instinct

Deep Instinct

Deep Instinct provides comprehensive defense that is designed to protect against the most evasive unknown malware in real-time, across an organization’s endpoints, servers, and mobile devices.

ThreatMark

ThreatMark

ThreatMark provides fraud detection solutions for digital banking and payments.

Nullcon

Nullcon

Nullcon provides an integrated platform for exchanging information on the latest attack vectors, zero-day vulnerabilities and unknown threats.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

Fortiphyd Logic

Fortiphyd Logic

Fortiphyd Logic equips operators of the power grid, oil & gas, and other critical infrastructure with the tools and training they need to defend their industrial networks from advanced cyberattacks.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

NetWitness

NetWitness

NetWitness empowers security teams to rapidly detect today’s targeted and sophisticated attacks with unparalleled visibility.

Apex Systems

Apex Systems

Apex Systems is a world-class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions.

The Cyber Scheme

The Cyber Scheme

The Cyber Scheme provides NCSC certified and assured assessments, training and career support for security testers & technical cyber professionals.

Leo CybSec

Leo CybSec

Leo CybSec unites a group of Cyber Security experts with 20+ years of collective expertise to help our clients realise and mitigate the cyber challenges and risks facing their business.