Cybersecurity Threats and Risks
Companies are correctly focused on cybersecurity risks. Notwithstanding this focus, companies are struggling with how to respond to threats and risks. Cybersecurity threats are quickly evolving – akin to the time when countries engaged in military arms races. As they evolve, companies have to embrace proactive strategies and cannot rely on a compliance strategy that reacts to events and threats.
Cyber criminals are quickly embracing new strategies for attacking companies. In the last few years, cyber professionals have seen a decline in malware attacks. With the advent of new chip technology and PIN security measures, cyber criminals have steered away from point of sale (POS) attacks in significant numbers. In response to the major attack against Target, many retailers have built new security programs to prevent further POS attacks. Law enforcement and cyber professionals have successfully prevented some of the more serious malware exploit kits (e.g. Neutrino).
Further, on the positive side, companies and individual users are increasingly relying on Secure Sockets Layer/Transport Layer Security (SSL/TLS) encrypted traffic as an important protection for online security. SSL/TLS encrypted traffic has increased by nearly 50 percent over the last few years and thereby improved online security.
As more companies have moved applications to the cloud, online security has increased with the use of SSL/TLS encrypted traffic connecting users to the cloud. Cybersecurity professionals expect that SSL/TLS encrypted traffic will increase to nearly 75 percent of all online traffic in the new two years. The use of HTTP traffic is quickly falling as more companies are adopting encryption technology to protect themselves from cyber-attacks.
Now for the bad news. Cyber threat professionals have seen a significant increase in the number of threats via ransomware, and this number is sure to rise in 2018. Most of these ransomware attacks are able to circumvent SSL/TLS encryption and rely on tried-and-true phishing campaigns. Cyber criminals have deployed ransomware-as-a-service (RaaS) and companies found it difficult to prevent these attacks.
In 2017, the WannaCry ransomware attack hit hundreds of thousands of targets, including public utilities and large corporations. The attack temporarily shut down National Health Service hospitals in the United Kingdom. The WannaCry attack was eventually traced back to North Korea.
Cyber professionals face even more threats. Cyber criminals were able to unleash denial-of-service (DDoS) attacks against high-profile companies by attacking Internet of Things (IoT) devices, resulting in service disruptions to Twitter, Airbnb, and other major companies. Cyber criminals also have developed new strategies to compromise Android devices despite system security updates.
Companies have to devote significant attention to monitoring threats and trends in the cybersecurity arena. Given the potential devastating impact of a cyber-attack, companies have to monitor threats proactively and attempt to secure technical solutions in advance of new threats. It is a very difficult and expensive task.
Many companies are confused in this area and focusing on reactive strategies to “clean” up or minimize the damage from an attack. That mindset has to change. Instead, like all areas, proactive measures are the key to protecting a company’s reputation and operations. Of course, every company has to build a crisis response strategy in case of a serious cyber-attack, along with data breach legal notifications and public relations management.
The cybersecurity battlefield is just that – a battlefield, and companies have to approach the issue with a new and more aggressive mentality aimed at creating an impenetrable defense against cyber criminals.