The Herald (Zimbabwe)

Infosecurity: What threats are we faced with?


ARRESTING cybercrime is becoming more and more cumbersome because of the ubiquitous way in which these offences are committed. Modern technologies and ever-evolving ways to circumvent security measures are not helping matters. We are faced with an enormous number of threats as we use the internet for our day-to-day tasks.

Multiple threats face the technological spectrum today. Top among them are users, inadequate security technology, new technology with weak security, social media attacks, incorrect configuration, use of third-party applications and software, mobile malware, outdated or unpatched software, lack of encryption, weak bring-your-own-device policy and social engineering, among others.

Users, be they administrators or ordinary users, present the biggest threat and vulnerability in the security matrix. They are responsible for a large number of the security incidents that occur in the workplace. The threat may come from an insider, as in the case of disgruntled employees, or result from accidental user action.

A disgruntled administrator may elect to wipe servers containing sensitive corporate information as well as their backups in one negligent action. This could have untold repercussions. There is absolutely no way of predicting this, since he has all the tools and privileges needed to access and bring down whichever system he chooses. Stringent access control and user monitoring could be a step towards curbing such behaviour.

Users are also falling victim to spear phishing, a technique that uses ordinary email scams to fool victims into believing that an email has come from a legitimate source, when in fact the email redirects the user to a bogus website where they are infected by a malicious payload. More often than not, individuals do not think twice before opening Word or PDF documents. Disguised to look genuine, these documents offload a malicious payload onto the user's machine once opened and create backdoors through which the attacker gains escalated privileges on the attacked machine.

The victim machines can then be used as botnets or zombies (malware-infected machines used to attack other computers and networks). Their aim is mainly denial of service (use of one machine to attack several machines and deny users access) or distributed denial of service (use of botnets).

This form of attack is not performed by mediocre hackers but by people with direct criminal intent who are after monetary gain, trade secrets and sensitive data which they can use for ransomware and blackmail. It is targeted at specific organisations, businesses and/or individuals who can later be arm-twisted into paying large sums of money in exchange for non-divulgence of stolen sensitive information and restoration of their affected data.

It is paramount to teach employees what to do and what not to do in the workplace, especially how to deal with unsolicited mail. Email gateways at corporate level should be used to remove malicious emails before they get to users.

Companies are often in the habit of buying personal devices for employees, which they use to access corporate resources. Whether or not this is company policy, a great deal of confidential information ends up on personal devices such as phones and laptops.

These gadgets contain little to no security mechanisms to protect confidential information, as they are susceptible to use by casual users at home. This presents an easy gateway through which targeted individuals are fleeced of information.

Social media attacks are slowly being used as a gateway to gain sensitive data from unsuspecting victims. Among the common attacks is the watering hole attack.

Here a criminal does not specifically target individuals in their work environment, but rather waylays the victim via a common website that colleagues at work often visit, for example a movie download site that they frequent. It is there that the criminal creates decoys to lure the individual to a bogus website via cross-site scripting and ambushes them. Once one machine is infected, the whole network is at the mercy of the attacker.

To prevent spear phishing attacks, system users should be made aware of the prevalence of the threat in the workplace, for example the possibility of bogus emails landing in their inbox. Apart from education, technology that focuses on email security is also necessary.

As new technologies continue to emerge on the market every day, there is strong concern about security issues or the neglect thereof. As newer and trendier gadgets are installed on our networks, they present vulnerabilities which can easily be exploited by adversaries. As the adage goes, “security is as strong as its weakest link”. It is imperative to consider high-security technologies when we take up new technology. Complementary to this, inadequate security measures have led companies to fall victim, as they have tools to detect whether an intrusion has occurred but have no way of reacting to it. — Africom
