They say that the only things that are certain in life are death and taxes. But perhaps one more thing should be added to the list: cyberattacks. If 2014 demonstrated anything, it’s that even the biggest corporations are vulnerable to hacking and data breaches. These enterprise security risks won’t be going away anytime soon, and industry experts predict that the threat landscape will get worse before it gets better.
Cybercriminals will target a variety of endpoints with multiple methods over the next 12 months, but industry experts have narrowed that very large list down to five of the most important risks to enterprises in 2015.
Increased cyber theft
As the massive amount of breaches in 2014 proved, financial information is a popular target for cyber thieves. The hacks at Home Depot and Target saw hundreds of millions of credit cards compromised after malware infected the retailers’ point-of-sale systems, and with such success is sure to come copycats. However, as electronic methods of payment, such as Apple Pay, become more popular, it increases the opportunities for cybercriminals to steal users’ financial information.
“Although this would require cyber criminals to target individual cards and wouldn’t result in large scale breaches or theft like we have seen in the U.S.,the payment technology used won’t protect against retailers who aren’t storing payment card data securely, and they will still need to be vigilant in protecting stored data,” said Candid Wüest, threat researcher at Symantec Security Response, in an interview with CNBC.
Timing is crucial when a cybercriminal has gained access to a network and stolen data. Increased monitoring and detection are one of the most reliable ways to ensure the effects of a breach are mitigated as quickly as possible and future attacks of the same nature are protected against.
Internet of Things
The IoT didn’t reach quite the same height of popularity in 2014 as technology like the cloud, but more devices are connecting to the ever-expanding network all the time and increasing its footprint in the tech landscape. Because the IoT is growing at such a rapid pace but is still a fairly new concept, it is highly susceptible to hacking which puts users at risk. The highly interconnected nature of the IoT causes a variety of unique security issues.
“We’re already seeing an increase in major attacks associated with the IoT,” said Paul Nguyen, president of security firm CSG Invotas, in an interview with InformationAge. “Botnets created on connected devices (even appliances like refrigerators) can, for example, start a spam e-mail attack. TVs with built-in cameras and microphones pose another attractive target, as do other previously innocuous household devices. The possibilities for IoT attacks are truly endless…”
In order to most effectively protect against cyberattacks originating with an IoT-connected device, organizations will need to deploy enhanced network monitoring and analytics. Defense solutions like security information and event management allow companies to identify patterns of suspicious behavior and use it to create a more robust protection strategy.
While many of the big security risks for enterprises in 2015 revolve around things malicious actors do, one of the most serious threats is caused by those inside. Despite constant reminders about the necessity of strong passwords and authentication measures, many employees continue to use simple, easy-to-crack codes that do little if anything to deter cybercriminals.
“The biggest security mistake companies are making is that they are continuing to rely on outdated password-based authentication systems to protect sensitive data and cyber assets,” warns Christian Campagnuolo, a senior VP at MicroStrategy. “Passwords are by far the weakest link in cyber protection, as they can be stolen, lost or guessed.”
Utilizing alternative methods for user authentication will become increasingly necessary as passwords grow more obsolete. Tools like biometric scanners that use retinas, fingerprints or even DNA to deliver system access are slowly becoming mainstream plus out of band one-time-passwords as companies search for the best way to protect sensitive information.
Whereas cybertheft is affecting businesses and individuals, cyber espionage is aimed directly at major corporations and governments guarding privileged information. Exploiting network vulnerabilities and system flaws has become the method of choice with which state-supported actors steal secrets. In an interview with CNBC, Cyber Senate founder Jamison Nesbitt said that “the next world war will be fought on a keyboard,” and warned that governments and other high-profile organizations should expect an influx of cyber espionage in 2015.
The whole point of cyber espionage is that it is an extremely surreptitious method of theft, meaning it’s difficult to detect an intrusion at all, let alone in enough time to stop those responsible. However, just as with the Internet of Things, network monitoring and activity analysis can greatly increase protection of sensitive data. A managed SIEM service uses big data analysis to identify irregular behavior that may suggest an intrusion, detecting threats in much less time than traditional methods.
This especially damaging form of malware has been included in every cybersecurity rundown for the new year because it’s been causing a lot of trouble for businesses recently and continues to grow more sophisticated.
“We predict ransomware variants that manage to evade security software installed on a system will specifically target endpoints that subscribe to cloud-based storage solutions such as Dropbox, Google Drive, and OneDrive,” noted a McAfee report on 2015 cyber risks. “Once the endpoint has been infected, the ransomware will attempt to exploit the logged-on user’s stored credentials to also infect backed-up cloud storage data.”
Ransomware encrypts data on a victim’s device and refuses to share the decryption key until a specified amount of money is paid. Security researchers expect that, as the success of these attacks grows, they will become more frequent and start to target mobile devices and cloud-backed data.
As ransomware becomes more sophisticated and is used more frequently, traditional methods of protecting against such malware will become less effective. While firewalls are a beneficial way to keep malicious actors out, they are not impenetrable. Employing a detection and response solution allows organizations to know when their systems have been compromised and to act quickly to mitigate the effects.
Tom Clare, Head of Corporate & Product Marketing
Arctic Wolf Networks