How to stay ahead of bad actors based on the current cybersecurity landscape.
It can be challenging to keep pace with cybersecurity threat trends and even more difficult to stay ahead of bad actors themselves. Cybersecurity threats are constantly evolving as bad actors continue to look for new and improved ways to infiltrate your networks to access and exploit your valuable data.
Here are the top five cybersecurity threats of 2020 and some common ways to help protect your organization.
- Social Engineering – This is a type of cybersecurity threat that uses deception to manipulate individuals into providing confidential or personal information that can be used for malicious purposes by bad actors. According to Security Magazine, almost 1/3 of 2020 breaches utilized some form of social engineering, 90% of which relied on phishing as the method.
Another type of social engineering to look out for is business email compromise (BEC) or email account compromise (EAC). This is when an attacker gains access to an email account, impersonates an employee (often an executive or other leadership team member), and convinces someone to send money or sensitive data to the attacker’s account.
Protection Tip: Creating a corporate culture that supports cybersecurity education can start with phishing training. Helping your employees better understand their role in keeping the organization safe with good email hygiene can have a large impact on your overall cybersecurity posture.
- Ransomware – This form of malware encrypts a victim’s software and data. The attacker then demands a ransom, usually paid through a cryptocurrency like Bitcoin, in exchange for the decryption key that restores access.
A newer form of ransomware is called big game hunting. Attackers will research and select specific targets and hunt them using multistage attacks to gain access to their victims’ environment, locate and identify critical data, install ransomware, and exfiltrate data from their networks. Groups can spend several months lurking undetected in a victim’s network before detonating the ransomware.
Protection Tip: The US Computer Emergency Readiness Team (US-CERT) recommends users and administrators take the following preventative measures to protect their computer networks from ransomware infection:
  - Employ a data backup and recovery plan for all critical information and perform and test regular backups.
  - Keep your operating system and software up to date with the latest patches.
  - Maintain current antivirus software and scan all software downloaded from the internet prior to executing.
  - Restrict users’ ability to install and run unwanted software applications.
  - Avoid enabling macros from email attachments.
  - Do not follow unsolicited web links in emails.
  - Implement multifactor authentication (MFA).
- Distributed Denial of Service (DDoS) Attacks – This type of attack aims to compromise network and system availability by disrupting the services of, or overwhelming, a host connected to the internet. When a network is flooded with malicious traffic (illegitimate packets), it cannot handle legitimate packets as it normally would.
Protection Tip: While DDoS is not a small threat, it is one that can be relatively easy to mitigate effectively. According to the Verizon Data Breach Investigations Report (DBIR) 2021, 95% of incidents fell between 13 Mbps and 99 Gbps, a range that can be mitigated through a DoS mitigation service.
- Third-Party Software Vulnerabilities – When running a business, organizations often rely on third-party software to keep records of sensitive client and employee information, among other important data like intellectual property. However, companies might not always be aware that third-party software can make them vulnerable to cyber attacks.
Protection Tip: ISACA – an international association focused on IT governance – recommends organizations create and utilize a third-party risk management strategy, which should include an assessment of the software’s security posture along with any steps required to mitigate risks posed to the company’s core operations. This also should not be a one-and-done process, but instead should be revisited at an appropriate frequency.
- Cloud Computing Vulnerabilities and Misconfigurations – Many businesses are shifting workloads to the cloud to increase efficiency and streamline operations. Cloud computing can offer organizations a competitive advantage, but it’s important not to rush into cloud adoption without understanding the risks involved.
Protection Tip: When utilizing cloud computing, you are effectively giving up control to a third party and therefore don’t have your normal monitoring tools. Instead, you should find ways to work with your cloud service provider (CSP) and determine how your organization will address the common security risks faced when moving to the cloud.