It’s an unpleasant truth that businesses must face: Between vulnerabilities and the ever-changing IT landscape, network security risks continue to evolve and underline the need for vigilance.
To that end, proactive network managers know they should routinely examine their security infrastructure and related best practices and upgrade accordingly. Such an approach can make a difference in the ability to effectively respond to the following 5 network security threats.
1. Encryption is a double-edged sword. In recent years, organizations have looked to protect sensitive data by scrambling communications, what we know as encryption. “End-to-end encryption” can create a false sense of comfort for consumers, Bloomberg recently reported. The reality is that a hacker can control the device in a variety of ways, including gaining access to the “full discussion regardless of what security precautions are built into the app you are using.” Encryption essentially gives hackers free rein to operate prior to their eventual detection and remediation.
2. Network-based ransomware can cripple systems and data. This threat is particularly alarming as it does not rely heavily on the human element to execute and bring an organization to its knees.
Many times, an active, unpatched workstation and an automated software update are all an attack needs to succeed. Data can be compromised or lost altogether on an infected device. Further compounding the problem is the fact that many small to medium-sized businesses do not report ransomware attacks as they occur.
As CPO Magazine noted (citing the 2018 Ransomware Report), fewer than one-quarter of all ransomware attacks are actually reported. “After command and control servers are taken offline, some companies may opt to pay the ransom and move on, rather than deal with a potential PR disaster,” per CPO.
Preventative measures against ransomware include:
- Using Diverse Backups
- Keeping Antivirus Up-To-Date
- Maintaining Patch Updates
- Installing File and System Integrity Monitoring Software
- Compliance Maintenance
3. DDoS attacks come at a real cost. The severity and frequency of DDoS attacks have many network managers concerned. Hackers infiltrate organizations by flooding websites and networks with questionable traffic. Two avenues are emboldening criminals in their nefarious endeavors. “DDoS for hire” services are one means through which hacking/attack skills are offered in exchange for money.
The other channel used is the wide adoption of Internet-of-Things (IoT) technology. IoT widgets with poor security defenses are easy targets. Defending against DDoS attacks doesn't have to be a challenge. Ways to help defend against DDoS attacks include:
- Identifying unusual traffic activity
- Using the needed amount of bandwidth
- Avoiding the wrong response to extortion attempts
- Immediate contact with your ISP
- Developing a Comprehensive Approach to DDoS Security
4. Insider threats continue to infect organizations of all sizes. Experts estimate that insider threats are behind roughly 50 percent of data breaches, according to McKinsey & Company. Such incidents are usually driven by financial gain or negligence.
Though awareness of insider threats is growing within organizations, enterprises may not always be proactive, as the majority of network security defenses are configured to protect against external threats.
Insider abuse can include but is not limited to:
- Remote access to sensitive data
- Unauthorized deletion of data
- Unauthorized access to shared folders
- Unapproved hardware/software
Organizations may find that those who already have legitimate, authorized access to sensitive data operate illicitly, many times with few or no limitations on their access and agency. This reality underlines the need for consistent monitoring of suspicious activity.
5. The security behind legitimate cloud services is being co-opted. As more organizations gravitate toward the cloud for data storage and retrieval, hackers have found a way in. They use the same legitimate services but may have ulterior motives and can wreak havoc.
Organizations can be left vulnerable as they have come to trust common cloud platforms and take a reactive approach to any questionable activity. This comes at a huge cost to them in the form of downtime and leveraging resources to do damage control.
Several incidents have been reported in 2019, including one affecting the City of Tallahassee and resulting in an initial loss of $500,000 from the city’s human resources department. According to a May 2019 Tech Times article, a Dropbox link was used in a phishing scam from the email account of the city manager. The link contained a virus allowing hackers to infiltrate the payroll network and induce panic.
As Software-as-a-Service (SaaS) continues to grow, and services move to the cloud, organizations still need to be wary of policies and procedures that can in essence lead to a false sense of responsibility and security for data in the cloud.
Minimize Risk With File and System Integrity
For many in IT, network vulnerabilities might not be emerging risks but oversights. The ongoing work of maintaining compliance and the integrity of the enterprise IT infrastructure is not always standardized.
Utilizing file and system integrity monitoring software, specifically one with auditing capabilities, flexible response options, and automated detection processes, may decrease the risk organizations face daily.
Network-wide file and system integrity monitoring can establish total accountability with audit trails that cannot be altered. It should also offer unique, advanced protection against threats by providing admins with the ability to restore systems and files to a prior state immediately.
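To make the idea concrete, the following added example (not code from this article or from any product it mentions) baselines a directory with SHA-256 digests, detects added, deleted and modified files, and records each event in a hash-chained audit log so that later edits to the log are detectable. All function names, file names and the sample tree are constructed for illustration, and the hash chain is an assumed stand-in for the audit trail described above.

```python
import hashlib, json, pathlib, tempfile

def snapshot(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in pathlib.Path(root).rglob("*") if p.is_file()}

def diff(baseline, current):
    """Return sorted (event, path) pairs describing drift from the baseline."""
    old, new = baseline.keys(), current.keys()
    events = [("added", p) for p in new - old] + [("deleted", p) for p in old - new]
    events += [("modified", p) for p in old & new if baseline[p] != current[p]]
    return sorted(events)

def record_hash(event, path, prev):
    """Hash one audit record together with the hash of the record before it."""
    body = json.dumps({"event": event, "path": path, "prev": prev}, sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()

def append_entry(log, event, path):
    """Append a record chained to the current tail of the audit log."""
    prev = log[-1]["hash"] if log else "0" * 64
    log.append({"event": event, "path": path, "prev": prev,
                "hash": record_hash(event, path, prev)})

def verify_log(log):
    """Recompute the chain; an edited, reordered or mid-chain-deleted record breaks it."""
    prev = "0" * 64
    for rec in log:
        if rec["prev"] != prev or rec["hash"] != record_hash(rec["event"], rec["path"], prev):
            return False
        prev = rec["hash"]
    return True

def demo():
    with tempfile.TemporaryDirectory() as root:  # constructed sample tree
        pathlib.Path(root, "app.conf").write_bytes(b"port=443\n")
        pathlib.Path(root, "hosts").write_bytes(b"127.0.0.1 localhost\n")
        baseline = snapshot(root)
        pathlib.Path(root, "app.conf").write_bytes(b"port=8080\n")  # unauthorized edit
        pathlib.Path(root, "hosts").unlink()                          # unauthorized deletion
        pathlib.Path(root, "extra.bin").write_bytes(b"\x00")         # unexpected new file
        events, log = diff(baseline, snapshot(root)), []
        for event, path in events:
            append_entry(log, event, path)
    return events, log

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A chain like this does not detect removal of the newest records on its own; storing the latest hash on a separate system closes that gap.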
August 1, 2019