Safe Harbor on Cyber is a 'safe harbor' blog site on cyber security for families and small businesses, with news on cyber threats, risk, data breaches, identity theft, ransomware, cryptocurrency, and vulnerabilities.
2017 was a watershed year, with the largest number of hacks, leaks and data breaches. We project that in 2018 cyber threats will get worse, because attackers are becoming more creative with their attack tools, switching tactics, and using increasingly destructive payloads to better target system vulnerabilities. Why is that?
Asymmetric Cyber Warfare Landscape
First and foremost, the cyber threat landscape will continue to be asymmetric. Malicious actors now have an edge over enterprises. Government and commercial enterprises are hard-pressed to shore up and keep internal cybersecurity talent and teams…
State-sponsored actors and a growing number of organized criminal groups are well-funded, well-organized and well-resourced. They can spend their time researching their targets, creating the right malware, and tailoring their attacks to those targets. Even if they fail the first time, they can keep trying again and again at minimal marginal cost.
Cyber Threat Tactics
These entities have been astonished by the rate of technological progress, but attackers have also begun to develop a more profound understanding of human nature. This is reflected in more subtle attacks that make use of social engineering and behavioral insights.
What we have seen in recent years is the continued development of (and preference for) very complex and precise spear phishing attacks, as opposed to phishing emails sent as spam or mass attacks. Spear phishing attacks are directed against specific individuals, organizations or businesses to collect sensitive information. They may take the form of a professional, personalized email that uses personal data collected from public postings on social media sites and blogs to pinpoint themes the target is likely to care about, inducing them to click on suspicious links or open documents that may be contaminated with viruses.
Another form of targeted attack is the so-called watering hole attack, in which hackers ambush targets on sites they frequently visit. Hackers plant zero-day exploits on the site and wait for their targets. A zero-day exploit is malicious code that takes advantage of a weakness that software developers and cybersecurity professionals are not yet aware of, leaving them with no time, or “zero days”, to prepare.
When a target visits the site, the exploit redirects them to other sites that host malware, which then infects the organization’s network. Once that is done, cybercriminals can access the organization’s network and expose key data such as passwords and permissions, or pivot to other devices in the network.
The plain fact is that the enemy sometimes knows us better than we know ourselves. Attackers are in some ways more motivated to break in than the organization is to protect its systems, in part because the rewards of breaching the organization may be greater than the benefits of greater security.
Second, the creation of a broad shadow industry around hacking and data makes it easier and more lucrative to engage in such dark deals.
Hackers have created a shadow economy by buying and selling data on the dark web and organizing cybercriminals. Data is the new fuel that powers analytics for defending against cyber threats. What threat do the actors pose, and what is most in need of protection from cyber threats?
This has created a thriving shadow economy. In addition to personal data, vulnerabilities and zero-days are also on sale. Large botnets are available for rent, as are malware-as-a-service, ransomware-as-a-service and DDoS-as-a-service. DDoS attacks send the target system more traffic than it can handle, so that it slows down or becomes unavailable to legitimate users.
There is a market for exploits, which attack computer systems through a particular weakness of the system, and for the vulnerabilities themselves. A growing number of participants trade in them, which increases their availability.
Impacts of Cyber Attacks
The Equifax breach is one of the largest data breaches in history, with the data of about 145 million consumers, including credit card numbers, compromised. Uber said it was breached in 2016, with the information of about 57 million users and drivers worldwide stolen. Even worse, it paid the hackers $100,000 to delete the stolen data and keep the breach quiet.
An iOS zero-day attack, which targets a previously unknown vulnerability in Apple’s mobile operating system, can cost up to $1.5 million (S$2 million). No wonder technically talented programmers see the appeal of providing such services.
In 2018, we will see an increasing number of blackmail attacks on key infrastructure around the world. Transport, energy, and healthcare facilities are the targets of choice, as service disruptions can cause a severe public outcry, thus increasing the likelihood of payment. In recent months, the healthcare industry has been the victim of more attacks. This is because healthcare data, such as medical histories, is valuable and can be used for a variety of cybercrimes. According to a 2015 report by industry consulting firm Accenture, cyber attacks will cost U.S. hospitals more than $305 billion within five years, and one out of 13 patients will be hacked.
A 2016 study by the Brookings Institution showed that since the end of 2009, more than 155 million Americans have had their medical information exposed without their permission through about 1,500 breaches. Healthcare organizations are vulnerable in part because government regulations force healthcare operators to adopt electronic medical records and other advances even though they are not yet ready to secure them fully.
Would-be forward-thinking countries should take care that the massive adoption of digital solutions does not create a security nightmare and give hackers an endless attack surface. So how should enterprises deal with these developments? To detect and mitigate threats quickly, it is critical to have 24×7 monitoring of networks, applications and equipment through an internal security operations center or an outsourced service. Next-generation security operations centers also need to integrate big data analytics and deep machine learning capabilities to keep up with the massive amounts of data generated.
Cyber Threat Mitigation
Organizations need to conduct vulnerability assessments and penetration tests more often. They may even consider rewarding white hat hackers through a bug bounty program that pays hackers to find bugs. At the operational level, the entire incident response framework must be regularly audited and strengthened. The incident response team must drill specific skill sets, run tabletop scenarios, and carry out comprehensive red team/blue team exercises, in which the blue team defends while the red team, a group of white hat hackers, simulates attackers and tries to break through the organization's defenses. In the absence of internal skills or personnel, seek outside assistance.
Needs – Example: Singapore Case Study
In particular, Singaporean organizations need to pay more attention to the threat of cyber attacks. A survey conducted last June by Quann, a managed security service provider, and research firm IDC covered 150 senior IT professionals from large and medium-sized companies in Singapore, Hong Kong, and Malaysia.
The results showed that 40% of respondents did not have an incident response plan, and 67% did not implement an incident response plan. Cybersecurity requires a holistic approach that goes beyond the chief information security officer or information technology director. Executive leadership should not view cybersecurity as a cost center and an IT issue, but as an integral part of enterprise risk management. Senior management and the board must understand the threats and data protection tactics. Beyond the board of directors and management, every employee is important.
A survey by the Singapore Cyber Security Agency in 2017 showed that Singaporeans are at risk of endangering their own cybersecurity and that of their companies. If an employee indiscriminately downloads free but malware-laden software from suspicious sources, it hardly matters how advanced the antivirus is. Every careless employee is an open portal for hackers. As the number and complexity of attacks continue to escalate, companies need to stay on top of cybersecurity.
Effective cybersecurity is not an arms race to keep up with cybersecurity products. Rather, it is about ensuring that seemingly mundane tasks, such as keeping patches up to date, keeping hardware secure, well maintained and managed, and complying with user policies and procedures, are carried out well by people. Even with the best technology, human factors play a crucial role in keeping organizations cyber-secure. The firewall must be up to date, but the most important firewall is still the human firewall.