Are global cyberattacks the new normal? 4 steps to protect your business Are global cyberattacks the new normal? 4 steps to protect your business

Are global cyberattacks the new normal? 4 steps to protect your business

Know your network - inside and out.

 

Since the beginning of 2017, cyber criminals have ramped up their efforts considerably, the high profile, global attacks of Mirai, Wannacry and Petya have occurred one after the other, with crippling effects to some of the world’s largest economies and industries. 

Despite the media attention, large-scale attacks of this nature aren’t new. Attacks like the ILOVEYOU worm and Code Red were massive attacks, some of which affected exponentially more devices and organisations than 2017’s attacks. In addition, the spread of WannaCry and Petya were quickly curbed unlike these worms of the past. But this isn’t just about scale. Unlike in years past, today’s organisations rely on data as both a critical resource and an essential source of revenue. And these new attacks are more sophisticated than ever…

Mirai was able to hijack tens of thousands of IoT devices, such as DVRs and digital CCTV cameras using the known device passwords installed by their manufacturers. These devices were then amassed and used as a weapon to take out a massive chunk of the Internet across the world. Denying service to a number of websites including Twitter, Reddit, Netflix, and Airbnb to name but a few.

 

Wannacry pioneered a new sort of ransomware/worm hybrid, something we call a ransomworm, in order to use a Microsoft exploit. Rather than the usual ransomware method of selecting a specific target, Wannacry’s functionality allowed it to spread rapidly across the globe, attacking thousands of devices and organisations

About a month later, we saw the emergence of a new ransomworm, Petya. This new malware used the same worm-based approach of Wannacry, even targeting the exact same vulnerability, but this time with a much more potent payload that could wipe data off a system and even modify a device’s Master Boot Record, rendering the device unusable. Since very little money was made during this attack, we can say that this attack was certainly more focused on taking machines offline than monetization through ransom. A machine availability ransom like Petya may become a much larger problem in the future when spreading as a rapid ransomworm.

There is a common belief across the security industry that attacks like Wannacry and Petya were just used as a test for vulnerabilities. These attacks are unfortunately, just the tip of the iceberg that could see the start of a new wave of global cyberattacks in the future

So, what can you do?

The global scale and scope of these recent attacks have people understandably concerned. But before the panic sets in, here are four tips to protect your organisation.

Practice network hygiene

Network and device hygiene are perhaps two of the most neglected elements of cybersecurity today. The Wannacry ransomworm targeted vulnerabilities that Microsoft had patched two months previously. And in spite of Wannacry’s global impact and media coverage, Petya was able to successfully target the exact same vulnerability less than a month later – further compromising thousands more organisations. In fact, most successful cyberattacks target vulnerabilities that are an average of five years old.

You should look to regularly patch your organisations’ devices, and devices too old to be patched, need to replaced.

Know your network inside and out

It’s impossible to patch devices on your network that you are unaware of. As such, you should look to invest in the time or technology to identify every device on your network. Establish its purpose, age, what traffic passes through it, and what OS and patch level is it running. It’s also important to know who or what devices have access to it.

Implement an integrated security system

More sophisticated attacks will target IoT which simply cannot be patched or updated. An integrated security system can detect and stop threats at multiple places within your network. But given that most organisations’ networks now span a wide range of devices, users, and applications deployed across multiple ecosystems, isolated tools monitoring traffic that passes a single point in the network are no longer adequate enough when it comes to security.

Segment your network

Dividing your network into functional segments to protect data and resources isn’t a revolutionary idea, but most organisations still fail to recognise its effectiveness. Most organisations have flat, open networks, and once the perimeter has been breached, stopping the malware becomes significantly harder.

With remote working trends only expanding, organisations are seeing their perimeters disappear, this makes securing their networks especially challenging.  As we discussed earlier, some of the most vulnerable sections of networks are IoT devices, as such, these should be assigned to a separate, secure network away from the main ecosystem. This is going to give your organisation the best chance in the event of a breach. Organisations need to deploy a segmentation strategy designed to meet the security demands of today’s most complex networked environments.

 

We’re not reinventing the wheel here, for any security professionals, this should not be new. Business decision makers need to understand that without the appropriate resources, training and tools in place, their organisation is at risk. We’re living in a corporate society where these tips are no longer optional, nice to have security strategies – these are necessities to face today’s new normal of cyberattacks.

 

Shared from: CBROnline

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

back to top

iScope

Boldstart Founder Launches Hyperledger Fabric's First Blockchain Accelerator

The founder of VC firm Boldstart Ventures is launching the first accelerator dedicated exclusively to startups building on the Hyperledger Fabric blockchain.

CNN launches daily news show on Snapchat

CNN on Monday began streaming "The Update," a daily show on Snapchat featuring at least five news stories each episode from reporters and bureaus around the world, to attract younger viewers.

Quora now launches retargeting for advertisers

Quora’s newly launched ads platform now supports retargeting ads on the question-and-answer network.

Facebook faces scare that teens are going to Snapchat and Instagram. Again.

 Now playing on the internet: the episode in which everyone freaks out that young people are abandoning Facebook in favor of hot new social media services like Snap and Instagram.

IBM partners with Walmart, Unilever, Nestlé, and other food giants, to apply blockchain tech to food supply chains

They will be aiming to use blockchains to maintain secure digital records and improve the traceability of their foodstuffs

Blockchain can make social networks more private — and profitable for you

Fact: You’re going to spend a total of five years of your life on social media. But- is blockchain answer to everything?

The HuffPost’s tabloid-style homepage is paying dividends

The move was designed to deliver what Polgreen described as “a visceral snapshot of the day.”

Dashbot’s codeless Twitter Integration is now live!

Integrate your DM bot without code and in 10 seconds.

50 Bitcoin Exchanges Have Filed with the Japanese Financial Authority

In April, the Japanese government amended its fund settlement law to recognize bitcoin as a legal means of payment

Billionaire Calvin Ayre Acquires Crypto Media Outlet Coingeek

  The plan is for Calvinayre.com to continue to cover Bitcoin news as it relates to the gaming industry

Asus Debuts Specialized Motherboard for Cryptocurrency Miners

"Cryptocurrency and blockchain are here to stay"

Chatbot That Helps Users Appeal Parking Tickets Comes To U.S.

A chatbot called DoNotPay that helps users appeal parking tickets for free in the U.K. is now available in the United States.

How TD Ameritrade tackles security in Facebook Messenger chatbot

Chatbot is designed to answer faster than a human could.

How Blockchain Is Monetizing User’s Experience and Skills

Generating value is the key concept sustaining the explosion of Blockchain offerings in 2017.

Bezos on Amazon’s AI and Machine Learning Strategy

[It's all about] enabling other organizations to leverage the game-changer that is machine learning.

Mongolia's Hottest New Social App Is All About Horses

Although cowboy culture is mostly nostalgia in the United States these days, many rural Mongolians still rely on their horses in daily life. In Mongolia, horsemanship is one of the most celebrated aspects of their culture, even on social media. "If we...

Startups could be key to fixing tech's diversity problem

Silicon Valley companies are learning a hard lesson: They can't escape their attitude problems.

Android Oreo released by Google

Google has released the latest version of its Android mobile operating system (OS), which will be named after Oreo chocolate biscuits.

How RBC is using a blockchain to overhaul its loyalty program

“We see loyalty as a great use case for blockchain to allow us to provide customers more real-time access to rewards points to provide an almost Starbucks-like experience.”

Why finance brands are so hot on content marketing

Content is one way to make people return to their site to see new updates, buy new products and invest more money.

Reddit now allows users to upload videos

Videos are coming to Reddit, thanks to a new feature that allows users to upload video clips directly to the service.

Sharp sues Hisense over a foreign “gag order”

Sharp, a Japanese electronics manufacturer, has filed a lawsuit challenging a foreign gag order that company lawyers say prevents Sharp from talking about its own brand.

How A Police Body Camera Company Is Becoming An Artificial Intelligence Company

Like most technology companies today, Axon’s goal is to collect data; the free body camera trial is just another avenue to generate and collect more of it.

Mic Lays Off Dozens Just a Week After Promising Not To

A number of online outlets, including Mashable, Vice, and MTV News, have recently slashed their writing staffs to focus on producing visual content

Kit Kat accused of copying Atari game

Kit Kat's maker Nestle has been accused of copying Breakout, the 1970s computer game, in a marketing campaign.

YouTube TV expands to 14 new markets

YouTube is broadening access to live TV streaming as younger viewers increasingly watch shows online and traditional broadcast networks grapple with aging demographics among viewers.

Hyundai looks to build a >300-mile-range electric car

More carmakers are looking toward electric vehicles as fuel cell falters

Why Bancor Wants To Become The YouTube Of Cryptocurrency

If Bancor overcomes the initial scandals (it shortchanges its users' by rounding token values) Bancor could reshape the cryptocurrency marketplace as we know it.

The best of Siri: 11 funny responses from the iPhone's virtual assistant

Since its launch in 2011, Siri has become increasingly intelligent, and can now hold basic two-way conversations with users.

How Yogscast built a media empire

The newer generation doesn’t want to be told how to do things, they want to see it.

Skype’s new look arrives on the desktop in preview form

The chat-focused update comes with new features for messaging and calls.

Subscribe to the Business Brief Newsletter

Get our complimentary briefing, featuring news & analysis of the business trends and practices.
Terms and Conditions