The world of cyber security can be incredibly daunting, especially for people new to the industry. Almost daily you see news of nation states battling nation states for online supremacy, millions of people’s personally identifiable information being stolen, leaked or sold on the dark web, and ransomware running wild, causing irrevocable damage. How can anyone stay safe in this hostile environment?
The main thing to always remember is that the internet was never built with security in mind. Therefore, it can seem we are in constant catch-up mode; that there is no lasting defence against the myriad attackers out there looking to make us a victim.
Although nation state activity will not affect everyone, cyber crime in general is now extensive – admittedly low in sophistication but high in volume. It is a chronic problem and one that is only going to get worse before it gets better. With that in mind, I have compiled what I believe are the current threats, and the preventative actions that can be taken to tackle them.
The current threats facing companies
Increasingly complex automated attacks – but also security fundamentals not being followed
Businesses are facing more and more complex automated attacks; at times, there is little technical knowledge required from the people running the attack.
That said, in my experience most attacks would be foiled if the fundamentals of security and defence were followed. Problems are caused by a lack of knowledge, so I would urge all individuals and businesses to get these fundamentals nailed down, as they will protect against most attacks.
Ransomware and DDoS attacks on the rise
With the likes of the WannaCry and NotPetya attacks of recent memory, to name just a couple, ransomware and distributed denial of service (DDoS) attacks are on the rise. In 2017 alone, DDoS attacks rose by 91%, and I feel this will only continue.
Cyber crime becoming more professional and like modern business
Cyber crime has moved away from the ‘bedroom hacker’ model many people imagined, and now functions like a professional commercial enterprise. There are now extensive dark web communities and it will only become easier to hire or rent hackers, ransomware, trojans, viruses and more. Hacking has effectively become a business service in its own right; examples include Dream Market, Wall Street Market and Tochka.
Data breaches
Data breaches are always going to be a threat facing companies around the world, and at times the lines between who is conducting attacks – nation states or cyber criminals – can be blurred, depending on the outcome.
It is, however, worth noting that the techniques used with data breaches are not particularly advanced.
Insider threats
No matter the company, there will always be a potential insider threat from disgruntled or opportunistic staff taking advantage of security flaws. A prime example of this was when US National Security Agency (NSA) secrets were stolen and released by Shadow Brokers, resulting in the EternalBlue exploit being released and ultimately used in the WannaCry campaign.
Supply chains
This is a relatively new attack vector, where bad actors typically seek to introduce security flaws and exploitables into equipment or software prior to it being supplied to the target. This is a growing threat, so all companies need to check down the chain that their suppliers are also taking security seriously.
Fake news
To some this may seem out of place when talking about cyber security; however, fake news can pose a real threat to businesses and individuals, as social media presents an opportunity to manipulate people or cause reputational damage to individuals and organisations alike. The 2016 US Presidential election is arguably a powerful example of this, while in Myanmar in 2017 the authorities used Facebook to manipulate the population with anti-Rohingya minority propaganda.
Internet of Things
The rising number of devices being connected to the internet without the ability to secure them or update them poses a major threat, as cyber criminals can deploy massive DDoS attacks and cryptomining attacks against such software, similar to what has been seen with Mirai and Satori.
How to defend against these threats
Take security seriously
Be vigilant and make people your first line of defence
Only keep data on a need-to-know basis (GDPR Compliance)
Patch promptly
Encrypt sensitive data
Use two-factor authentication
Don’t forget physical security