The new normal in IT Security for 2017 is cyberattacks.
While malicious cyberattacks have been around for years, scams and hacks to break through networks to steal and ransom data have rapidly made cybersecurity the biggest IT Support and Security issue in 2017.
Increased phishing attacks, social engineering scams, more sophisticated ways to steal passwords and credentials, and greater accessibility to penetrating viruses, worms and malware, cyberattacks have become the new normal across the business information security landscape.
Even More Troubling—those actors originally believed to be saviors of cybersecurity—security researchers hired to prevent attacks—aren’t always completely above board. This past week, one such cybersecurity analyst was arrested at one of the largest hacking conventions for his work in creating and proliferating malware that was directly targeted at American businesses.
I want to ask you one simple question: Is your IT Support team supporting your business (and users) in a way that keeps you prepared for these cyberattacks?
To help facilitate a little thought on this discussion, I think it’s necessary to go through how some of the latest attacks have crippled businesses.
Below are some of the big hitter types of attacks that have reached businesses like yours this year:
Precision Infections— sniffer malware can precisely pinpoint attacks. Cybercriminals are investing in searching out precisely the right types of victims (i.e., businesses that haven’t updated their patches, have outdated security protocols, insecure firewalls, and weak security environments). Note: one easy way to avoid being an easy target (one that criminals are actively sniffing out) is to get a network security assessment.
But even more than simply sniffing out weak business networks, these new precision infections deliver payment methods to your users and can even target VIPs in your organization. Security experts have remarked that sniffer penetration methods have remarkable precision and penetration.
Zero Day Exploits— once in a while, expert hackers are able to identify exploits in a system (like Windows) before the software developers identify the vulnerability and are able to issue a patch. These attacks are often difficult to spot and typically take months to years to exploit.
Essentially with zero day exploits, hackers take the follow 4 step approach:
- Seek out vulnerabilities—hackers scour code looking for vulnerabilities. This process is similar to finding a needle in a haystack, but can have a big payoff once a viable exploit is found.
- Create exploit code—once an attacker finds a hole, they need to figure out how they can exploit it. That includes engineering code that can exploit the vulnerability to allow access into a network.
- Infiltration—the hacker has to then implement the code to sneak past the defenses in place in the software. The hacker needs to identify how he or she can bypass any security in place within the software. The hacker also must test that the code works the way it is supposed to in a test environment before implementing the code in a live environment (i.e., on your network!).
- Launch the exploit—armed with code that works, attackers plant viruses or malware. They may hack into business networks themselves, but more commonly sell or partner with other criminals on the dark web to proliferate their attack.
Two recent example of zero day exploits targeted Microsoft Office bugs—one an encapsulated postscript and another a local privilege escalation.
These attacks are able to penetrate quickly through networks and are often wide reaching. Even when a patch is made for the vulnerability, these initial exploits persist throughout the business community because IT Support teams are either too slow to patch machines or are not monitoring the cybersecurity threat landscape as closely as they should be.
What should you be doing to prevent a zero day exploit?
Make sure your IT Support is monitoring for suspicious activity—your IT Support team should understand how your network is running day-to-day. If a process is using an unusual amount of bandwidth, they should be able to explain what’s going on. Same goes for an unusually high amount of traffic coming across the network.
Updated software—software often is riddled with vulnerabilities. Over time, software developers recognize issues or vulnerabilities in their software and issue patches and updates. Your IT Support should make sure your software is updated or patched regularly.
Updated browsers—one of the easiest ways to hack into a network is when users are surfing the web on dated browsers. Updates to a browser often contain patches to security vulnerabilities. No matter which browser you use, be sure to check to see if yours is up-to-date. Below are some browser-specific instructions ensuring you’re using the latest browser version.
Make sure your business establishes security best practices—does your IT Support set an example of personal online security practices? Do all of your employees follow a standard? If not, users may be risking your network security.
Global Malware Attacks Are Becoming More Common—with greater access to code and growing cybercrime networks, attacks are becoming more far-reaching than ever before.
Think over the past 3 months. WannaCry was one of the first global-targeted campaigns. While the virus was stopped by a British security researcher, other more virulent versions had been released since WannaCry’s initial weekend attack.
NoPetya crippled networks globally soon after, wreaking similar havoc on governments and businesses, alike. There were also hacks to the DNC and Clinton campaigns late last year (each utilizing a Fancy Bear attack).
The goal of some of the latest attacks is to spread as quickly as possible. The latest attacks are good example of how widespread a single attack from North Korea, Russia, or the Ukraine can get.
The scary part with recent attacks is that the code is available for anyone—any criminal—to use. Since the code is freely available on the dark web for anyone to use, it simply takes a laptop (maybe a cellphone modem) to break through networks and steal and ransom your data.
Cybercrime-As-A-Service Is Your New Normal— your headaches and heartburn over IT Security and cybercrime is likely not going away anytime soon.
The Take Home: cyberattacks are getting worse. There’s no denying this. Malicious hackers are finding more and more network exploits. Criminals have a variety of attacks to choose from (with explicit instructions on how to implement the attack!). And Businesses (and their IT Support) are NOT spending enough time (1) patching their networks and having a comprehensive IT Security strategy in place to prevent infections.
Do you have adequate IT Security infrastructure and policies in place to prevent cyberattacks? To validate that your business is taking all necessary steps to keep sensitive data safe, most security analysts recommend that your business rely on comprehensive security assessments.