Cybersecurity needs to be on every organization’s agenda for 2017

Kuwait Times - - TECHNOLOGY -

There’s no reason to believe that 2017 will be any better for cybersecurity than it was in 2016. If anything, 2017 will be even worse as cybercriminals continue to leverage social engineering and phishing techniques to find new vulnerabilities to exploit, develop new ways to monetize their activities, get through corporate defenses and target individuals. In 2017, cybersecurity battles will favor criminals even more as vulnerable Internet of Things (IoT) devices continue to expand the possible platforms of attack. Gartner estimates that by 2020 more than 25% of attacks in enterprises will involve IoT devices.

This past year, we saw cybercriminals becoming more sophisticated, threats becoming more advanced and cyberattacks causing more damage to organizations. So as we approach 2017, let me share a few cybersecurity predictions which we, at Mimecast, see becoming even larger issues as we enter the New Year:

Ransomware will become one of the biggest threats that organizations will need to address, fuelled by an increasing multitude of attackers using off-the-shelf kits and leveraging a vast network of cybercrime service providers to run their ransomware campaigns. Ransomware represents an easy, cheap, and low-risk attack method that produces significant profits for the attackers. In addition, few organizations have effective defences against ransomware, and now, with Bitcoins and other anonymous payment systems enabling the perpetrators to get paid more easily without being traced, it has never been so easy to make a good living off of ransomware.

The media in 2016 have been very focused on ransomware attacks. However, one of the lesser-publicized problems (but one that by some measures is larger in terms of its negative impact on organizations) is email impersonation attacks. Sometimes called whaling or CEO fraud attacks, these attacks can cost organizations hundreds of thousands in financial losses. In fact, according to the FBI, impersonation attacks led to more than $3 billion in losses over the last three years. We expect to see these attacks, because of the associated fraud and loss that they cause, as the next “it” attack flooding the media. There is nothing cheaper, easier, and less risky for attackers to do than just send well-crafted and timely emails which creatively request that money be sent to them. The attackers don’t even need to use malware for this; they just need to be clever with their social engineering.

Macro malware still in the game

Once thought of as a thing of the past, macro malware, which often hides in Word or Excel files, has re-entered the ring of popular attack methods. While most organizations choose to block executable email attachments at their security gateways by default, they generally still allow potential work-related files, such as Microsoft Office documents, to pass freely. Attackers exploit this by weaponizing files in these common Office formats. According to Mimecast research, 50 percent of firms have seen email attacks that use attached macros increase over the last year. Why? It works well and can get through traditional AV-based defenses. And that’s why we’ll continue to see waves of macro malware into next year and beyond.

Reining in data residency and governance

Increased state-sponsored attacks will lead to more stringent requirements around data residency and governance, as well as increased focus on national-level firewalls to mitigate threats but allow regional business activity to continue uninterrupted. Advancements in managing internet traffic from different geographies may also become a focus as the global trade landscape changes. Unfortunately, this comes with the risk of ‘balkanizing’ the Internet and restraining the free exchange of information.

Focus on data mining

One theme that is still overlooked, but should come into greater focus in 2017, is that cybercrime is not just about wire transfers and immediate and direct monetization of stolen information. Attackers are increasingly focused on data mining and will use the data they gather in more advanced future attacks, or sell it on the Dark Web for others to do the same. While more direct attacks such as email impersonation and wire transfer fraud are, and will continue to be, an issue in the future, organizations also need to think about where else they’re susceptible and ensure they have the appropriate protective measures in place against these longer-tail attacks. Organizations need to determine which data of theirs could possibly be used to attack them or other organizations at a later time, and then take increased measures to secure it.

Cyber espionage to cause political disruption

Nation states and their sponsored operatives will increasingly use cyber espionage to cause political shifts, disrupt adversaries, and gain economic advantage in particular strategic areas. This will involve, but will not be limited to, email-based hacking and the disclosure of other forms of private communications, and the disruption of and interference with critical national infrastructures. Employee education and taking adequate measures to protect organizations from cyber attacks will continue to be of high importance during the course of 2017 as cyber criminals continue to target the weakest link in an organization’s security: its employees.


Ransomware becomes more regular and sophisticated

Matthew Gardiner, Senior Product Marketing Manager of Mimecast

Impersonation attacks in the spotlight
