CRIBB Cyber Security’s Patrick J Carolan highlights what firms should look out for
Information security and data protection are serious matters, and businesses face a number of complex and sophisticated methods of cyber-attack. A single cyber-attack can see tranches of data obtained and exploited by cyber criminals. With some of the largest data breaches happening within the last few years, organisations are under increasing pressure to reduce the risk of a hack. Below, we look at 13 of the most common methods of cyber-attack.
Ransomware has been the biggest threat for the last five years and is expected to continue to be one of the top cyber-threats. Ransomware is a type of malicious software that encrypts a victim’s data and keeps it encrypted until a ransom is paid, usually in cryptocurrency. However, paying the ransom markets the threat as proven and usable, so that it can be deployed against other organisations.
Although ransomware is often deployed through email, antivirus software is still unable to offer full protection against it, as shown by the attacks on Telefonica, TNT Express, Maersk and the UK’s NHS. Without the right training or defence mechanisms, ransomware can infiltrate an organisation, costing it revenue and reputation.
Phishing is an attempt to gain personal data by posing as a known authority or online service. A good phishing email will be word perfect, relevant to you and may not leave you in doubt of its authenticity. Spear phishing continues to cause tremendous data loss for many organisations and is the number one attack vector.
Instigated through social engineering research, the initiator will profile a subject through public media resources such as Facebook, LinkedIn, Twitter and financial reports. The combination of self-published information (by both companies and employees) paired with correct timing is all that is needed by scammers to facilitate an attack. Phishing is the first and foremost tool that almost all malicious actors will employ.
- Inside vulnerability
One of the largest threat vectors is an organisation’s own employees, who unknowingly (or indeed on purpose) leak confidential data. The lack of appropriate training and information governance allows this threat to keep growing at a scale far beyond any other threat vector.
Hackers are able to breach firewalls, hack websites and gain access to confidential data. With technological advancements, hackers are now able to deploy bots (automated computer programs) to do the hacking on their behalf. The bots travel around the internet until they find a vulnerability and report it back to the hacker, who then initiates an attack.
- Cyberwarfare escalation
Without treaties and international cooperation frameworks, cyberwarfare is now becoming the next front in state instigated attacks. Geopolitical conflicts and ideological differences fuel the threat escalation.
- AI and Machine Learning used in cyber-attacks
Despite advancements within AI and Machine Learning products, the reality is that simpler, nimbler, and more targeted weaponized AI and ML systems are already in the hands of malicious actors. Their use not only adds sophistication and scale to cyber-attacks but also makes these threat vectors harder to defend against.
- Exploited Internet of Things (IoT)
The dramatic increase of IoT devices has resulted in an equally dramatic increase in hacks against them. Smart Devices, including those that are used for homes, cars, medical and even cities, are often connected to critical infrastructure and are therefore becoming targets of malicious actors.
- Misinformation and Social Engineering Manipulation
With the proven success of mass manipulation via social networks and manufactured “facts”, this practice has been shown to be effective not only in politics, such as the UK Brexit and US Elections, but also in everyday advertising. Well-funded and agenda-focused organisations recognize that they too can play this game, blurring the line between fact and fiction and resulting in public mistrust, confusion, and chaos.
- Blockchain Concerns
Blockchain is known to many as an advanced security process, but it can be compromised. The trend of blockchain compromises continues to increase, and as such the “blockchain promise” of infallibility doesn’t hold up. While blockchain might be a difficult target for malicious actors, it’s not invulnerable. Security experts warn that blockchain implementations bring with them a wide range of dangers that organisations should be aware of.
- USB Drives Remain Critical
USB drives are still commonly used as infection vectors for a wide variety of malware. According to new reports, the USB threat has overtaken cloud services such as OneDrive and Dropbox as a convenient way to move malicious files from one system to another. USB drives presently have multiple threat vectors, such as unsecured USB storage, infected USB devices, and payload USB devices designed to fool security solutions into treating them as a USB keyboard instead of an infected USB drive.
- Single factor password
Simple passwords are a key tool for malicious actors, from novice to nation-state players. Single factor password protection remains the go-to security protection for the majority of organisations, even though multi-factor authentication solutions and password phrases are low-cost and easy to deploy. Password theft and password-based breaches persist as a daily occurrence; companies with confidential data must implement password protection methods.
- Cloud insecurity
Despite the continual publicity around repeated breaches in the cloud, the majority of organisations still neither practise good housekeeping nor implement best practice policies across their data estate in the cloud. An example of this is the Amazon S3 Cloud Storage Service, where organisations fail to configure and secure their subscriptions, often resulting in regular breach notifications. Remember, it is your responsibility to secure your data, not Amazon’s or Microsoft’s.
While supply chain threats occur in every sector of the economy, the organisations that most often experience these attacks are in biotechnology and pharmaceuticals, hospitality, travel, entertainment and media, and IT services.
Even with the introduction of GDPR, organisations are still failing to ask the necessary questions to reduce their cyber risk. Where supplier vetting is applied, it is often limited to software providers and to suppliers that hold the personal data of the organisation’s clients. What about the manufacturers you purchase your hardware from? Many organisations lose sight of their supply chains and few set minimum security standards for their suppliers.
Undeniably, with the increasing value of data and sophistication of cyber-criminals, companies must invest heavily in reducing the risk of cyber-hacks.