With cybercriminals constantly evolving their hacking techniques year over year, and with emerging technologies providing more attack surface for hackers to exploit, executives and IT leaders must plan for the inevitable. Although we haven’t experienced anything as wide-spread and troubling as the WannaCry attack in May 2017, every organization should be prepared for a crisis at that level again.
In a perfect world, all organizations, no matter the size or industry, would be backed by integrated technologies and machine-learning enabled analytics with teams at the ready to defend their systems, data and employees. But unfortunately, that level of security usually is not financially or logistically feasible. Although cyber attacks may seem like a distant threat on a day-to-day basis, there are a handful of attacks on the rise that every future-oriented leader should be including in their security strategy.
In 2019 especially, every organization should be prepared for these top five security threats.
1. Ransomware and Malware: More Costly than Data Breaches
Ransomware is already on track to hit $11.5B in damages this year, which roughly translates into someone becoming a new victim every 14 seconds. These threats are more costly than traditional data breaches, but it’s not the threat of paying a ransom and the cost of stolen data that’s convincing executives to strengthen their security protocols. These days, the motivating factor is minimizing the most expensive impact—the broader organizational disruption of a cyber attack and the cost to both clean up the network and to restore business operations. Ransomware is on the rise, and it will cost more than you might think.
2. Endpoint Attacks: Cloud and SaaS Trends Make it Easier for Hackers
As companies move more resources into the cloud, attack surfaces will continue to grow, thus making it easier for intruders to avoid traditional security measures. With the bring-your-own-device culture that we live in today combined with the proliferation of SaaS providers for data services, hackers have plenty of attack vectors from which to choose.
The challenge that organizations face today is securing access to off-premise resources, which are commonly used as a steppingstone for bad actors to get into the network. After all, every attack begins at an endpoint, whether it serves as the true target or not. The infiltration can occur from the unauthorized use of Shadow IT applications co-mingled with company resources or users simply getting “pwned” (hacked) off the corporate network through other means; regardless of point of origination, the threat to the user endpoint is a real challenge that has yet to be solved.
3. Phishing: More Sophisticated than Ever
Phishing has long been proven to be one of the cheapest and easiest ways to compromise targets, which is why it remains the number one cyber attack vector for hackers. More often than not, phishing attacks appear in the form of everyday emails from trusted sources but deliver malware to your computer or device, giving the hacker the critical access they need.
We recently worked with a high-tech company who detected a new workload engaged in command and control activity and flagged it as an unusual anomaly. When it came to response, we were able to shut down the rogue instance and quarantined the user account.
There’s no easy way to organically monitor security activity within cloud infrastructures and with the widespread use of SaaS services like Dropbox, Slack, Office 365, Salesforce and others, hackers are improving their impersonation skills with more sophisticated attack types ranging from credential stuffing to advanced social engineering methodologies. The content is becoming more relevant and interesting to potential victims, luring them to engage and divulge information. As a result, these attacks have become more difficult to recognize, even for tech-savvy users.
4. Third-Party & Supply Chain Attacks: On the Rise
A supply chain attack (also called a third-party attack) occurs when your system gets infiltrated through an outside partner or provider that has access to your systems and/or data. With more digital supply chains and service providers touching more enterprise data than ever before, the attack surface has dramatically changed. Hackers have wider opportunities, and these types of attacks are becoming more apparent.
Software updates and security patches are critical protections, yet another area of vulnerability when working with third parties. Most third-party software is dependent on external libraries and resources for updates and patches. If these external resources are compromised by bad actors, they can easily redirect system updates to malicious servers to deliver malware to their victims.
5. AI- and ML-Driven Attacks: Cybercrime Evolves with Advanced Tools
Machine learning (ML) and other artificial intelligence (AI) approaches are now being used to fight cybercrime, becoming "table stakes" in all modern security strategies. But the same tools are being used against us.
As ML and AI become more readily available to the masses, hackers are using them to enhance the sophistication of their attacks. With these tools, attacks can be multiplied and cybercrime can reach all-new heights. We’re already seeing the evidence! Many of the recent widespread ransomware attacks are ML- and AI-driven.
The threat landscape is constantly evolving, so it’s crucial for companies and all privacy-minded users to heighten their awareness around the latest cybersecurity threats. While it’s possible to mitigate risks on your own, many IT departments now pass this task to trusted managed security services providers.
About the author: Trevor Parks is the director for security solutions at Masergy. He is responsible for guiding the development, evolution and implementation of Masergy's Unified Enterprise Security services platform. Trevor contributed to the development of the patented Network Behavioral Analysis technology at the core of the Masergy’s security solutions aimed at detecting APTs and other advanced threats affecting customer networks.