[BreachExchange] Next-gen cyber threats
Audrey McNeil
audrey at riskbasedsecurity.com
Wed Feb 24 19:03:13 EST 2016
http://www.itp.net/606513-next-gen-cyber-threats
I am sure most of us in the cyber-security community were happy to flip the
calendar to 2016 for obvious reasons! Given what we witnessed in 2015,
while cloud, mobile and IoT (the Internet of Things) will continue to
dominate the discussion in many boardrooms, it is actually security that
should be close to the top of the priority list for any CIO. To that end,
it is worth understanding some of the factors that will shape the security
threat landscape.
An increase in wiper attacks
Wiper attacks, which erase files from the victim’s computer drives in order
to cripple essential apps, have been growing steadily for years. A wiper
attack will not only damage the user’s IT systems, but can leave sensitive
data exposed. Sony has been the most prolific organisation to suffer this
kind of attack to date, however as these kinds of hacks become easier,
businesses of all sizes must be prepared to protect against them.
Investing in security is essential for any modern business, however it will
only be effective if they invest in the right areas. Focusing on endpoint
protection, disaster recovery and backup applications that can be easily
scaled will significantly reduce the chance of wiper attacks causing
lasting harm.
Hacktivism will be the motive behind many more incidents
High profile data breaches such as the TalkTalk, Ashley Madison and
Experian hacks have been extremely damaging for the companies involved and
brought cyber-security to the forefront of every business owner’s mind.
Many of these attacks have been blamed on a rise in ‘hacktivism’.
Self-proclaimed ‘hacktivists’ will attack companies for a variety of
reasons, the most common of these being:
Ethics: To place the spotlight on and expose a company engaging in morally
questionable practices
Opposing values: As a result of fundamental differences in the values held
by the attacking group and the organisation being hacked
Monetary gain: To extort victims for monetary gain in an effort to cripple
the target organisation and fund the hacktivist’s causes
Part of the reason these attacks are becoming more widespread is the fact
that they are far easier to carry out than they were just a couple of years
ago. With hacking tools readily available to those who know where to look,
the resources required to stage a high-profile attack are dangerously easy
to find and implement.
The rise of nationalism in countries like Russia, Iraq and Syria is also
likely to have an effect. Nationalist and terrorist groups will use these
publicly available tools to make public statements and intimidate
corporations with conflicting values – attacking freedom of speech, the
film industry and the literary community. As information becomes more
valuable with every passing year, there is a lot at stake not just for the
information security industry, but for the world as a whole. This is why
companies must do everything they can to research and implement a data
protection solution that is designed to combat these new attacks.
Social engineering attacks will rise in the wake of 2015 breaches
Hundreds of thousands of customer details were leaked as a result of the
2015 data breaches. This data is most valuable to hackers before the leak
is discovered and made public, when it becomes much harder to sell off or
act without attracting attention. However, even after the breach is
discovered, this information is still out there, still accessible, and is
often used in a second wave of attacks to target the victims themselves
many months later.
Hackers will often bombard breached e-mail addresses with phishing attacks
in an attempt to gain access to more of their personal details. By
impersonating banks, retail companies and government agencies, the attacker
will try to trick users into sending them money or personal information.
These imitations are becoming more convincing, with hackers explaining to
users that they are vulnerable to an attack and must change their details
immediately by handing them over in some way.
If enough information is still available, hackers could also attempt to
access the e-mail accounts themselves using other details that have been
leaked such as dates of birth. In some cases, malicious users could even
try to access the victim’s bank accounts directly using leaked account
details. There is a new wave of organised crime happening online worth
billions of dirhams, and it’s growing exponentially.
Additional cyber threats will continue to be discovered in the Internet of
Things
The Internet of Things is developing at an unprecedented pace. With an
incredibly broad spectrum of uses across a plethora of sectors, a ‘smart
world’ is not simply the stuff of science fiction. These IoT devices are
populating every aspect of our lives and it’s important to understand that
this leaves people vulnerable in ways that haven’t been a problem before.
Smart homes, for example, offer convenient solutions for busy residents
looking to save time and money, but smart tech companies must ensure it is
not to the detriment of the user’s security. Devices such as smart
electricity meters or thermostats could moderate power consumption and room
temperatures based on when the residents are out. However if criminals were
to access the network that these devices communicate through, this data
could be used to plan a break-in.
There are three main entry points when it comes to IoT devices. Firstly,
attackers can hack the service provider, gaining database information that
gives them access to data such as smart meter readings. Secondly, it is
possible to break in through the wireless protocols between the devices,
which are inherently insecure due to the low-quality routers often supplied
with home Wi-Fi packages. The vulnerable ISP boxes are reverse-engineered
for security, and give easy access to the consumer’s network. Finally,
hackers could directly infiltrate the infrastructure. This, however, is far
more difficult that the other two methods and so is unlikely to occur as
frequently.
Combating the threats
Cyber-attacks are not going away anytime soon and one can make the argument
that. on the contrary, these attacks are only going to grow in number and
sophistication in 2016 and beyond. Against this backdrop, it is imperative
that CIOs take more responsibility when it comes to data theft - leaving
security vulnerabilities solely to the IT team is no longer excusable as
data theft continues to be a prominent issue. Threat intelligent services
are likely to be commissioned to provide reports and validation on
malicious threats. The increase in the power and safety of the cloud will
also give SMEs a chance to move from relatively weak IT infrastructures to
a platform where security is evolving constantly. Ultimately, the focus on
data protection is going to be paramount for businesses heading into 2016,
and it’s up to them to ensure that they are prepared.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160224/9fed4c27/attachment-0001.html>
More information about the BreachExchange
mailing list