By Angelica Harvey • March 26, 2019

4 of The Most Common Security Threats (and How to Address Them)

With an ever-evolving threat landscape, how can you stay aware of the common attacks your business might be a target of, and how can you make sure you are including the core components of a cybersecurity strategy?

Here are 4 of the most common cyber threats, what they mean to your business, and how you can protect yourself from them.

Evolution of Malware

In the past decade, forms of malicious software, including spyware, ransomware, viruses, and worms, have reached a new level of danger. The advent of network-based ransomware worms eliminates the need for the human element in launching ransomware campaigns.

Before the rise of self-propagating ransomware, malware was distributed in three ways: drive-by download, email, or physical media such as malicious USB memory devices. All of these methods required some human interaction. With the evolution of ransomware, an active and unpatched workstation is all that is needed to launch a network-based ransomware campaign.

What does this mean?
Creating policies to protect from human behavior won’t be enough. WannaCry and Nyetya are only a taste of what’s to come. Once inside your system, these new types of sophisticated malware can block access to critical components of your network and disrupt your systems. This is why patch management is important for cybersecurity: it continuously updates your applications, helping your workstations remain secure.

How to protect your business?
Choose an integrated framework for cybersecurity. By understanding the critical vulnerabilities your business has, you can build an integrated layered framework. This approach is more cost-effective than having multiple solutions operating independently, and it also represents a better picture of your overall cybersecurity. However, an integrated approach might not be the easiest to implement so having the guidance of experts is well advised.

Web encrypted threats

The expanding volume of encrypted web traffic—both legitimate and malicious—creates even more challenges and confusion for defenders trying to identify and monitor potential risks.

Driven by the low price of SSL certificates along with Google’s HTTPS encryption requirements, businesses are encouraged today more than ever to encrypt their website information. As the volume of encrypted global web traffic grows, adversaries appear to be widening their embrace of encryption as a tool for concealing their criminal activity.

What does this mean?
Encryption is meant to enhance security, but it also provides malicious actors with a powerful tool to conceal command-and-control (C2) activity, affording them more time to operate and inflict damage. Without the right technologies, you won’t be able to tell an attack is happening until it is too late.

Web encrypted threats commonly end up becoming Man-in-the-Middle attacks. Attackers will insert themselves into a two-party transaction. From unsecured public Wi-Fi, attackers will infect the device and then the network without you even noticing it.

How to protect your business?
When building your cybersecurity strategy, you will need to incorporate more automation and advanced tools like machine learning and artificial intelligence to complement threat prevention, detection, and remediation. These advanced capabilities can enhance network security defenses and, over time, “learn” how to automatically detect unusual patterns in web traffic that might indicate malicious activity.

Email Phishing

Regardless of how much the threat landscape evolves, malicious email and spam continue to be commonly used by attackers as a way to distribute malware. Moreover, by applying the right mix of social engineering techniques, such as phishing and malicious links and attachments, adversaries need only to sit back and wait for unsuspecting users to activate their exploits.

Email phishing is the number one tool to steal sensitive data like credit card and login information or to install malware on the victim’s machine to then be spread throughout the network.

What does this mean?
Email is the number one tool your employees use when communicating with co-workers, vendors, customers, and partners. On average they can receive around 200 emails per week, so not having an anti-phishing solution that goes beyond spam filters can leave your business vulnerable. In 2018, phishing and spear-phishing emails were at the root of some of the biggest, headline-grabbing breaches.

Some of the common tactics and tools adversaries use to execute phishing campaigns include:
  • Domain squatting: Domains named to look like valid domains (example: cisc0[dot]com).
  • Domain shadowing: Subdomains added under a valid domain without the owner’s knowledge (example: badstuff[dot]cisco[dot]com).
  • Maliciously registered domains: A domain created to serve malicious purposes (example: viqpbe[dot]top).
  • URL shorteners: A malicious URL disguised with a URL shortener (example: bitly[dot]com/random-string).
  • Subdomain services: A site created under a subdomain server (example: mybadpage[dot]000webhost[dot]com).
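
To make the categories above concrete, here is a triage sketch that sorts links into them, run against the article's own defanged examples. It is an added example, not code from the original article: the function names and the small inventories (`TRUSTED`, `KNOWN_HOSTS`, `SHORTENERS`, `SUBDOMAIN_SERVICES`) are assumptions for illustration. Maliciously registered domains cannot be recognised from the name alone, so they fall through to a reputation check.

```python
from urllib.parse import urlsplit

# Assumed inventories for this sketch; load real ones from asset and DNS records.
TRUSTED = {"cisco.com"}                       # domains the business really uses
KNOWN_HOSTS = {"cisco.com", "www.cisco.com"}  # hostnames the owner knows about
SHORTENERS = {"bitly.com", "bit.ly"}
SUBDOMAIN_SERVICES = {"000webhost.com"}
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def registered_domain(host):
    # Simplification: last two labels. Production code should use the Public Suffix List.
    return ".".join(host.split(".")[-2:])


def edit_distance(a, b):
    # Classic Levenshtein distance, kept to one row of state.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(link):
    # Accept defanged input such as cisc0[dot]com, with or without a scheme.
    url = link.replace("[dot]", ".").replace("[.]", ".")
    if "://" not in url:
        url = "http://" + url
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    domain = registered_domain(host)
    if domain in SHORTENERS:
        return "url-shortener"            # destination hidden: expand before trusting
    if domain in SUBDOMAIN_SERVICES and host != domain:
        return "subdomain-service"
    if domain in TRUSTED:
        # A trusted domain with a hostname nobody inventoried suggests shadowing.
        return "ok" if host in KNOWN_HOSTS else "possible-domain-shadowing"
    for good in TRUSTED:
        if domain.translate(HOMOGLYPHS) == good or edit_distance(domain, good) == 1:
            return "possible-domain-squatting"
    return "unknown-check-reputation"
```
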

How to protect your business?
Consider a solution that goes beyond spam filters; experts consider 3 easy steps to make you an email security savant, which include making sure the emails are coming from a reputable source and blocking all those dangerous links before they reach your inbox. Also, having a solution that uses retrospective security capabilities will help you unveil threats that have passed your security checks before they can do real damage to your systems and network.


IoT and Endpoint Attacks

The IoT is still evolving, but adversaries are already exploiting security weaknesses in IoT devices to gain access to systems—including industrial control systems that support critical infrastructure.
Infecting IoT devices is an excellent way for attackers to launch denial-of-service attacks, flooding systems, servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests, slowing performance and disrupting businesses.

What does this mean?
As the IoT expands and evolves, so too do IoT botnets. And as these botnets grow and mature, attackers are using them to launch DDoS attacks of increasing scope and intensity. These IoT botnets are thriving because organizations and users are deploying low-cost IoT devices rapidly and with little or no regard for security.

How to protect your business?
Once again, machine learning solutions will be your answer. Machine-learning algorithms hold the promise of providing greater visibility into the cloud, IoT devices, and user behavior. If IoT attacks continue to become more sophisticated, your IoT and endpoint security solutions must match this level of sophistication. Finding a solution that not only allows for automation and machine learning but also considers retrospective security can be a great way to detect, prevent, and remediate these attacks. You must think of your IoT and endpoint security as the protein in your cybersecurity sandwich. Protecting your IoT and endpoint devices will be critical in stopping attacks from reaching your network and expanding to other critical systems.

In the modern threat landscape, adversaries are adept at evading detection. They have more effective tools, like encryption, and more advanced and smart tactics, such as the abuse of legitimate Internet services. They are continually evolving their tactics to keep their malware fresh and effective.

Thankfully the defense landscape is also evolving, continuously thinking of new ways to build a layered approach to cybersecurity considering all the potential threats and aiming to go one step ahead of criminals.
