New Year’s Eve is a lot of fun — sometimes too much fun (but hey, we’re not pointing fingers!). Amidst all the holiday festivities, though, it can be easy to let your cybersecurity guard down. The new year is certainly a time to celebrate, but it’s also more important than ever to plan ahead for how you’ll deal with the changing threat landscape. We’ve got you covered with a selection of the top cybersecurity threats to be aware of in 2018, plus a few tips for preventative actions you can take to improve your organization’s security standings.
Would you believe that more than half of security breaches are now caused by employees inside the impacted organization? It’s true–not necessarily because these employees are determined to cause harm, but rather due to negligence. In a 2017 Threat Monitoring, Detection and Response Report, 48% of the 400 IT pros surveyed by Dtex claimed that detecting and mitigating insider threat was one of their top concerns. The biggest fear? An inadvertent data breach or compromise (64%).
The growing threat is largely due an increasingly mobile workforce, with employees bringing a diverse set of their own devices and smartphones onto the corporate network.
Businesses of every size need to be aware of the potential insider risks in the year ahead. We highly recommend bootcamp training for all employees to address the need for:
- Awareness of potential threats
- Protecting against inadvertent errors
- Guarding personal information
- Showing caution on social media
- Keeping software and security patches up-to-date
- Responding quickly to incidents
At the same time, though, while Dtex’s respondents focused on inadvertent insider threats, respondents in an August 2017 SANS Institute study ranked malicious insiders as more threatening than negligent staff (40% compared to 36%).
The takeaway: develop and implement a security plan that addresses removable media policies, user privileges, malware protection, physical security, and more.
Internet of Things Vulnerabilities
This holiday season, kids used Google Home to call Santa and Alexa ads peppered the airwaves. But will 2018 be the year bad actors take advantage of the increasing acceptance of Internet of Things (IoT) devices? While regulation efforts stall in the U.S., we can look to the EU’s General Data Protection Regulation to see what success they have enforcing IoT security.
In the meantime, the additional 5 million new IoT devices added daily, per Gartner, means an additional 5 million new security vulnerabilities each day. Factors include:
- Device manufacturers with little cybersecurity expertise
- Power and storage constraints limiting available security mechanisms
- Cumbersome update procedures
- Lack of user awareness
Since the IoT extends to vehicle manufacturing, medical devices, industrial operations, and many commercial uses, it’s only a matter of time before an IoT event leads to leaked personal information or more dire consequences.
The takeaway: institute security procedures and policies that cover IoT devices as well, and incorporate IoT security in employee training programs.
Cyber Criminals Take Over New Access Points
IoT devices aren’t the only entry point ripe for exploitation by motivated cyber criminals. Chat bots are becoming increasingly popular, and our reliance on mobile messaging could provide fresh opportunities for bad actors to impersonate legitimate users and take over accounts.
It will only become more difficult in 2018 for businesses to distinguish individual users from false bots or aggregated user profiles, and that’s something to be vigilant about.
The takeaway: Businesses must work diligently to ensure their own data remains secure and complaint with regulations, industry standards, and user privacy requirements. At the same time, procedures and protocols should be introduced to verify authenticity more proactively.
Want to set your organization up for a more secure 2018? Schedule your free RedTeam consultation and let’s talk through your unique security needs and challenges.
Bad Actors Deploy Big Data
Massive data breach announcements are becoming a regular fixture in the news cycle. In 2017, there were large-scale breaches of sensitive healthcare information, government clearance information, financial and credit data and more.
It’s far too likely that the breached Personally Identifiable Information (PII) data will become available on the dark Internet in 2018. This will enable sophisticated cybercriminals — leveraging Big Data algorithms powered by machine learning and artificial intelligence — to launch more detailed, focused (and thus convincing) social engineering and spear-phishing operations.
The takeaway: We pay a lot of attention to preventing data breaches, but a less complicated step to take is to ensure effective password use. Developing complex, individualized passwords should be par for the course.
Critical Infrastructure is Tested
In October of 2017, the FBI and DHS warned of persistent threat activity targeting US critical infrastructure. The warning to energy, nuclear, water, aviation, and construction sectors highlighted the fact that there are many high-value targets for politically-motivated attackers (as we demonstrated firsthand in our Hacking The Grid segment with Business Insider).
Powergrids and manufacturing plants in Europe have already suffered attacks, and this may be the year the US sees its first major cyberattack on critical operation facilities.
The takeaway: The digital ecosystem relies on critical infrastructure organizations effectively securing applications, networks, devices and physical premises. Penetration testing to identify vulnerabilities and take protective action can make a big difference.
Looking to Get Rich on Ransomware
Cyber criminals aren’t all going to be looking to reinvent the wheel. The success of 2017 ransomware attacks is likely to prompt a continuation of this form of attack. Healthcare entities remain one of the highest value targets with patient data, insurance information, and payment details all accessible in a single environment.
Access to less expensive artificial intelligence and machine learning will also enable cyber criminals to conduct their attacks in more intelligent and automated ways.
The takeaway: Cyber threat detection and threat classification can also benefit from the same AI and machine learning tools. At the same time, it makes sense to plan ahead for how your business will react to a scheme attempting to extract payment.
Rethinking Password Protections
It’s not so much a threat, but another trend on the horizon could be the retirement of the single, complex password. In 2017, 81 percent of hacking-related breaches involved stolen or weak credentials. Perhaps 2018 will mark the true decline of the traditional password in favor of two-factor authentication, which would be a win for security forces everywhere. Some security experts even predict more organizations adopting behavioral biometrics for authentication.
Nevertheless, any shift in authentication practices will be take place in lockstep with increasingly sophisticated attempts to subvert the security techniques.
The takeaway: Even as you could be considering two-factor, biometric, or infrared technology in your user authentications, don’t let existing lax passwords leave your network open to bad actors.
The good news? With our ongoing focus on exposing cyber, social, and physical vulnerabilities and training you to detect, prevent, and mitigate, RedTeam will continue to stay abreast of the latest in cybersecurity and share the information you need to know to secure your networks, applications, people and facilities right here on this blog.
If you’re ready to take things a step further and consult directly with one of our offensive security experts, schedule your free consultation today and start 2018 off on a more secure foot. We look forward to speaking with you!