This year has seen IT security at the forefront of the news agenda for
all the wrong reasons. Various breaches and hacks, such as those at TalkTalk, Carphone Warehouse and Ashley Madison, have heightened
discussion around IT security and the protection required to counter virtual
incursions.
However, many of the attacks over the course of the year were avoidable.
Had the companies in question been more diligent over their testing and
security protocols, some of the breaches would not have been as successful.
Security fails of 2015
The biggest security failing of 2015 is arguably the vulnerability of
companies to simple web application attacks. Organisations with large volumes of online customer interactions were
targets for web application attacks, in which cyber-criminals gain access to
sensitive customer data. Techniques such as SQL injection and brute force
were used to access valuable data for fraud or resale to third parties.
The other security failing this year has been phishing attacks, a method
that can result in malware entering a network, leading to data theft. Phishing
attacks can come in the form of an email that appears to be from a legitimate
company but redirects the user to a fake external site. Personal
information is then requested and captured for future brute force attacks.
Prevention is simple
Following simple guidelines such as those published by OWASP is the first step to
prevention. Regular testing of web-facing applications before publishing them can
also help avoid attacks such as the one on TalkTalk.
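The SQL injection technique named above, and the kind of check that regular testing of a web-facing application should include, can be illustrated with a small worked example. This is an added example, not code from the original post: it uses a constructed in-memory SQLite table with a single hypothetical user, puts a query builder that concatenates user input next to one that binds it as a parameter, and provides a check function of the sort a test suite would run against each.

```python
import sqlite3

# Constructed sample database for this demonstration only: one user, no real data.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'placeholder-hash')")
    conn.commit()
    return conn

def lookup_user_vulnerable(conn, username):
    # Builds the SQL text by string concatenation, so user input becomes part
    # of the statement itself. This is the defect SQL injection exploits.
    query = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(query)]

def lookup_user_parameterised(conn, username):
    # Binds the input as a parameter: the driver treats it as data only,
    # never as SQL, which is what OWASP's guidance on injection prescribes.
    query = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(query, (username,))]

# Textbook test input (constructed): a quote closes the string literal and an
# always-true clause follows it. Used here only to verify which builder is safe.
INJECTION_TEST_INPUT = "nobody' OR '1'='1"

def resists_injection(lookup):
    """Return True if the lookup function returns no rows for the test input.

    A safe builder matches the literal (non-existent) username and returns
    nothing; a vulnerable one returns every user in the table.
    """
    conn = build_db()
    try:
        return lookup(conn, INJECTION_TEST_INPUT) == []
    finally:
        conn.close()

def demonstrate():
    """Run both builders against a normal username and the test input."""
    conn = build_db()
    try:
        return {
            "vulnerable_normal": lookup_user_vulnerable(conn, "alice"),
            "vulnerable_injected": lookup_user_vulnerable(conn, INJECTION_TEST_INPUT),
            "parameterised_normal": lookup_user_parameterised(conn, "alice"),
            "parameterised_injected": lookup_user_parameterised(conn, INJECTION_TEST_INPUT),
        }
    finally:
        conn.close()

if __name__ == "__main__":
    for name, rows in demonstrate().items():
        print(f"{name}: {rows}")
    print("vulnerable builder resists injection:", resists_injection(lookup_user_vulnerable))
    print("parameterised builder resists injection:", resists_injection(lookup_user_parameterised))
```

Both builders behave identically on a well-formed username, which is why the defect goes unnoticed without deliberate testing; only the concatenating version returns the whole table for the malformed input. A check like resists_injection belongs in the pre-publication test run the paragraph recommends.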
Education within the company and targeted solutions aimed at monitoring
data exfiltration should be a
priority. A company's security cannot rely on its security
solutions alone as a shield: its workforce can and often will be a weak spot in
its armour. Employee education on data governance, access and removal of data
should be at the top of a company's IT security resolutions for 2016.
Emerging security threats in 2016
As ransomware threats are so effective, they are predicted to continue
to increase in use in 2016, along with the level of sophistication behind the
attacks.
This is especially the case because corrective measures to protect against
such attacks are rarely in place.
In addition, DDoS (distributed
denial-of-service) attacks aimed at extracting data have been getting stronger and harder
to defend against, as shown by the high profile TalkTalk and Carphone Warehouse breaches.
There have also been a growing number of blackmail attempts, threatening
a company’s resources with DDoS attacks, unless they receive a sum of money.
What is interesting is that these two techniques do not demand high
levels of technical ability, but the rewards can be great. Many companies
cannot afford lengthy downtimes on their servers and will pay the sum demanded,
even without any guarantee that the same attackers will not return.
Who will they affect the most?
Ransomware can affect a majority of computer users. Assuming you
will not be a victim of a cyber-attack is a major mistake and the risk of such
an attack should be taken seriously.
Blackmail and DDoS attacks, on the other hand, will target
medium to large sized companies, which have the budget to pay the ransom money.
Invaluable security solutions for businesses in 2016
As ransomware is predominantly distributed via email and the web, a
sandboxing solution is essential. The relevant solution has to be able to scan
email and internet traffic delivered to computers on the network, to remote
workers using a VPN and to BYOD users on wireless or mobile
connections.
Ransomware delivered this way executes with
the credentials of the user who opens it, so there is a need to look at
controlling administrative credentials on all computers, whether they are
servers, workstations or laptops.