Date posted: 13th January 2016
If you read our 2016 predictions for IT, you would have noticed that our 2nd prediction was “we’ll all be hacked”. As I mentioned, calling Cyber Security a top-of-mind threat is stating the obvious. Cyber Security being top of mind has been a recurring theme over the past 3-5 years, culminating in attention from the C-Suite toward the more recent end of that range.
Based on this, it is safe to say we all agree that the topic is of concern. Rather than deep dive on that, however, let’s take a look at some newly bubbling trends to help you mitigate your risks.
This is, of course, assuming you don’t win the Powerball tomorrow, but if you do, congratulations!!
Now let’s look at the threats with..
Cyber Security Threats to Look Out for in 2016
As you’ve probably heard (duh), 2016 is a presidential election year here in the United States. It goes without saying that the 2016 U.S. presidential race is seeing the most prolific use of social and online media, with candidates using new channels to reach key demographics that may have been underrepresented in (or honestly too young to vote in) previous election cycles.
That said, the growing use of online channels and the significant worldwide attention on this election are setting things up for a potential “magnum opus” for hackers.
The reason is that a new channel in a new environment leads to potential risks, and with news on the internet “never dying”, social and online media are a gold mine for political and/or nefarious hackers looking to influence the election or just plainly embarrass a candidate.
Our first point of caution isn’t for businesses reading per se; however, trends in security affect all of us in IT. A major breach for any candidate can not only skew election results based on trust, it can also send security demand and/or trends and tactics to levels not seen before. All IT security professionals are advised to monitor campaign cyber security as the election progresses.
When most people, including those in IT, think of penetration testing, they first think of an authorized attempt to breach the IT infrastructure through system vulnerabilities. This is generally a great way to isolate potential holes and create a remediation and/or mitigation strategy around those points.
But with 80% of breaches coming from inside the environment, is focusing most of your time on external threats really the best investment?
An often overlooked portion of penetration testing, and of security in general, is testing your staff and internal resources. You can spare no expense on the world’s best security; however, if you leave everything to a single point of failure (i.e. a human), you may be in for a long night. Please note that the entire last sentence is obviously a Jurassic Park reference; if you’ve seen the movie, you know how bad it can get. Don’t let the dinosaurs out!
Social Engineering, otherwise known as the act of tricking someone into releasing sensitive information, is usually mentioned at least in passing in many security strategies. However, you may be running the same strategy and internal penetration test every year… while hackers are finding a new way in.
“Traditional” penetration testing uses social engineering to call your front desk and get a password and thus gain access. The more sophisticated future tactics of hackers, though, require the next level of testing. You should ask yourself as a business or IT leader, “who in my company has access to what?” and, in the worst case, “what can they do with it?”. Then create reports and scenarios to mitigate the maximum number of leak points with minimal disruption.
I’m not suggesting full-on spying on your staff; however, an appropriate penetration test must include the 80% threat of employees or internal access resources leaking sensitive materials.
Recent years have seen the addition of a longer and longer list of new top-level domains. Almost everyone is familiar with, and to a certain extent trusts, websites living at .com, .gov, .net, .org and .info. However, over the past few years ICANN has dramatically expanded the list of available top-level domains, including .nyc, .biz and .site among hundreds and soon to be thousands of others.
This is being done to 1) expand branding opportunities for existing websites and 2) expand the total reach of non-trademarked common-word websites. Or alternatively, in a more cynical view, it is a great way to expand a domain registrar market that was starting to see slower growth.
Now, why is this a security issue?
BUT… (there’s a problem)
The following domains are currently available on the open market as of the moment I searched (this afternoon 1/12/2016)
None of them are particularly cheap to buy, but they are publicly available.
So based on this a nefarious competitor can:
Ok, that sounds bad…
As we said above, technology can be close to “perfect”; humans, however, are not. The news about new top-level domains isn’t all bad, though. First of all, remember that we are discussing what could happen, not what has happened. Second, there is a relatively easy-to-implement plan to reduce your risk.
Many companies rely on testing new software applications in their environment within what is called a Sandbox. “Sandboxing” allows cyber security analysts or security operations teams to run a deeper inspection on the new application prior to exposure to the greater network. This containment strategy has generally proven to be effective, with major enterprise companies and security vendors jumping on the “sandbox bandwagon” over the past few years. In other words, we’re not saying it doesn’t work, but there’s always an exception…
Security is a cat-and-mouse game, and hackers are catching up. New malware is starting to pop up that appears safe upon initial analyst review but is still able to run malicious code once it passes through the initial review process. This so-called “two-level malware” is creating additional security headaches for companies and vendors that rely on the sandbox technique of Endpoint Security Management.
Companies facing the threat of two-level malware should 1) go with a sandbox-based system, which will catch most threats, but more importantly 2) establish post-release containment and analysis procedures to lock down threats if they make it through the first gate.
P.S. This concept isn’t necessarily specific to the business space either. For years, nefarious installer and bundle programs have forced malware, spyware and other junk onto consumer laptops in exchange for advertising revenue and consumer private data. This can be done using some of the same techniques as two-level malware: the first installer clears antivirus, but the second, running in the background, either kills the AV or breaches the AV entirely. Either way, you now have a toolbar on your browser.
The main point is: good today… might become bad tomorrow.
Our 2016 predictions also highlighted the debate around the race to become the leader in the rapidly growing Internet of Things (IoT). IoT, along with mobility, has improved daily business productivity. The trends of allowing employees to work anytime/anywhere and giving employers large recruiting pools have combined to drive macro improvements, which are only expected to increase as time goes on.
However, we are not here to analyze IoT and mobility today. We’re looking at Cyber Security trends, and the trend here is, simply put, that more devices equals massive risk.
“Campus-based” businesses such as healthcare, education and manufacturing should heed caution more than others. These industries require greater employee mobility and generally contain a longer list of connected devices within the enterprise.
As the benefits increase and appropriate adoption and expansion occur, these industries, along with others, must take care to establish smart policies on authentication of users and on the number and profile of unknown devices, and finally (this last point is a repeat) on employee training in cyber security policies and what to look out for when it comes to validation of their activities.
I’d like to thank everyone for reading today’s Cyber Security trends. I am hoping this article provided helpful tips on how to mitigate (you will never eliminate) the chance that you will be hacked in 2016. Please don’t hesitate to contact Netfast for a security consultation or to discuss specific concerns you may have; our engineers are here to help.
Finally if you do win Powerball after reading this article, congratulations, and I am glad I didn’t jinx you!
Joe Asady is the founder and CEO of Netfast Technology Solutions (www.netfast.com). With well over 3 decades of IT management experience, ranging from software engineering to product distribution and technology services, Mr. Asady is leading Netfast’s initiative to become a leading provider of the next generation of Cloud Managed IT Services to accelerate business growth for its customers worldwide.
About Netfast Technology Solutions
Netfast is a leading Cloud Managed Services provider for New York City area mid-market businesses, enabling customers to accelerate Digital Business Transformation with managed cloud and mobile solutions.