Any company dedicated to protecting sensitive personal and financial information knows that doing so becomes more challenging each year. Aggressive employee training and testing programs on avoiding phishing attacks and other internet threats have become a way of life. What’s driving this increase, and what do we project will happen in 2016 as part of our strategic planning process?
Let’s take a look at the major emerging cyber security trends for 2016:
Attacks on hardware and the Internet of Things (IoT) will continue and grow in 2016. Attackers continuously evaluate new attack vectors, and the probability of finding an Internet-attached device that is not fully secured is high. Picture connecting a temperature monitoring device inside your data center to the Internet. The technician connecting the device accidentally plugs it into your backbone. You have now opened a door to your network that wasn’t even contemplated five years ago. Even the simplest functions in the wrong spot can open up your organization to significant risk. To further compound the issue, reports of advances in malware exploiting weaknesses in hardware and firmware continue to surface. The toolsets that enable those attacks are becoming readily available for purchase and are dropping in price.
Ransomware used against organizations is a constantly growing threat. The recent issue at the Bank of Dubai illustrates how cyber criminals can hold an organization hostage. It is suspected that many cases go unreported by companies that elect to pay and avoid adverse publicity or embarrassment. Ransomware is also emerging as a service-for-hire, which opens up the exploit and attack to those without technical skills, just financial means. We should expect this threat to increase not only for financial gain, but also for political or revenge motivations.
Organization networks will continue to harden and become more resilient. As this trend continues, attackers will look for other avenues of attack that offer less resistance. Third-party service providers, cloud-based employee support systems, and employee home systems will become attractive targets for hackers looking to establish a foothold in an organization. The estimated number of home systems infected with a Botnet continues to rise every year. In 2014 the director of the FBI’s cyber division, Joseph Demarest, said the Botnet has become one of the biggest enemies of the Internet today, and therefore its impact has been significant. Before a U.S. Senate committee, he stated that computers worldwide are part of Botnet armies every 18 seconds, which amounts to over 500 million compromised computers per year.
The network of compromised systems can carry out serious cyber crime without the knowledge of the computers’ owners. A Botnet allows its operator to steal personal and financial information, get into system owners’ bank accounts, steal millions of credit cards, shut down websites, and monitor every keystroke. This enables the potential theft of credentials used to access company systems remotely.
As organizations continue to migrate to cloud services, cybercriminals will seek to exploit weak or ignored corporate security policies established to protect cloud services. Data that traditionally never left the confines of the corporate data center now resides in the cloud on servers around the world. This can include confidential business information and other intellectual property. Cybercriminals who access this type of sensitive information can exploit or damage business strategies, company portfolio strategies, next-generation innovations, financials, M&A plans and other sensitive data.
In 2015, PSCU continued the expansion of our Security Analytics system, enabling us to correlate disparate log and system feeds, turning them into actionable alerts. From an operational perspective, driving down the false positive rate allows users to have a higher confidence level in the alerts being generated, and it yields better use of critical resources and faster response to true security issues. The system has also simplified compliance reporting, allowing us to quickly produce customized reports as required. This continued investment in resources to combat cyber security threats has improved our people, processes and technology systems targeted at protecting the information entrusted to us by our credit union owners.
The challenge is to keep pace with and preempt adversaries. This will require us to constantly look at new, innovative ways of protecting company information. We must match the assets, motivation, and financial commitment of the cybercriminals if we intend to prevail. As Kevin Mandia, former founder and CEO of cybersecurity and forensics company Mandiant, stated, “This is a war of attrition that we cannot lose.” If we intend to prevail against future threats, organizations must be agile, detecting threats accurately and responding faster. If our commitment to protect is not as pervasive as, and bigger than, that of the cybercriminals, we will lose.