Time to Get Serious About Cybersecurity

Traders Magazine Online News, February 8, 2018

Baba Gurjeet Bedi

To respond to the growing number of attacks, as well as to newly-emerging threats, companies must reevaluate their approaches to prevention and mitigation. The bare minimum is simply no longer sufficient.

In October 2017, Richard F. Smith, then-Chief Executive of the credit reporting agency Equifax, testified before the House Energy and Commerce Committee. The subject was an insidious security breach at Equifax that compromised the Social Security numbers of more than 145 million Americans.  Under pointed questioning from lawmakers, Smith said a single Equifax employee had facilitated the breach. 

One slipshod employee.  Millions of sensitive personal records compromised.

Just as one employee can put an entire organization at risk, it only takes one to spot and contain a threat. In 1986, a young German programmer named Markus Hess hacked hundreds of U.S. government computers with the intention of selling American military secrets to the KGB. Hess would have achieved his goal if not for an attentive systems administrator named Cliff Stoll, who detected the intrusion based on a 75-cent accounting error. Stoll later went on to write a book about the experience called The Cuckoo’s Egg, which became a cult classic in the field.  Today's cybersecurity professionals must be every bit as vigilant and responsive as Stoll, alert to the slightest sign that something is amiss.

New Risks

Despite the industry’s best efforts to prevent them, cyber threats are becoming more numerous and more sophisticated.  What’s worse, state actors with tremendous resources have become major backers of such attacks. Three types of threats are becoming increasingly common.

Phishing

Phishing targets a company’s users by using email, text messages or even phone calls to trick them into compromising their own systems. Sometimes this is part of a synchronized attack that appears to come from a trusted source. If hackers manage to infect someone’s computer, their malicious code can move laterally across the network and, once inside, infect additional systems. Technical controls and continuous awareness programs for employees are crucial to countering these threats.

Ransomware

Ransomware has become the most popular method for monetizing cyberattacks. Here, hackers encrypt a computer’s data and then demand a ransom to decrypt it. Owing to social engineering advances, malicious actors can now launch multiple attacks within the same company, so training for employees who have data access must be a top priority. Also, a machine compromised by ransomware can spread the malware only to what it has access to, so strong access controls governed by a ‘least access’ concept can help reduce the spread of ransomware within an organization.

Zero-Day Threats

Zero-Day threats, the target of Google’s Project Zero, include unpublished, ignored or new vulnerabilities in products such as software, hardware and firmware. They are called zero-day because they have not yet been exploited – and there is no known solution readily available. Subscribing to a reputable threat intelligence service and participating in industry peer groups like Information Sharing and Analysis Centers (ISACs) are keys to sharing and receiving early information.

Tackling the Latest Cyber Threats

To respond to the growing number of attacks, as well as to newly-emerging threats, companies must reevaluate their approaches to prevention and mitigation. The bare minimum is simply no longer sufficient.

Throwing Away the Checklist Approach
