4 Current IT Security Trends
Today’s top IT security threats are related to user and endpoint vulnerabilities. While movies and books portray cybercriminals hacking through firewalls or exploiting zero-day bugs, most breaches, such as ransomware attacks, occur because of common user mistakes. Employees mistakenly open suspicious emails and leave files where they shouldn’t be.
Because of these risks, cyber-insurance providers are starting to drop companies for not having multi-factor authentication (MFA) for email, management, and remote access. In the future, requirements will continue to tighten, and MFA will expand into secure access service edge (SASE) applications.
Here’s an overview of 4 recent security trends:
Phishing attacks take advantage of user error and the fact that most organizations rely on email as a main form of communication. In phishing attacks, cybercriminals use social engineering to mimic the communication style of a company leader, co-worker, or another part of the user’s professional network, including entities such as financial institutions.
The email may direct users to a fraudulent website where they are encouraged to enter personal information, or it may contain a link or attachment that is infected with malware, such as ransomware.
2) Credential Theft
Credential theft involves hackers stealing a company’s or user’s passwords. Once hackers have the passwords, they can access, steal, and compromise mission-critical data and personally identifiable information. Cybercriminals can move through the system without being detected, resetting passwords and laying the groundwork for additional attacks by mimicking the behavior of an individual with authorized access.
Credential theft may leverage credential stuffing in which hackers use bots to test stolen usernames and passwords on company websites and applications until they breach the system. MFA is an effective defense against credential theft because it requires more than a password to gain access.
3) Account Takeover
In account takeover (ATO) attacks, a cybercriminal steals the identities of users to access their online accounts, including email accounts. The availability of login credentials on the dark web makes these types of attacks popular. ATO allows hackers to engage in business email compromise and stage phishing campaigns.
Gaining access to a business account creates opportunities for fraud that cost your company money and damages its reputation. The hacker can use a trusted email address to request payments from other companies or distribute malware.
Right! Systems, Inc. has clients that are exposed to ransomware every month or so. These companies may not be direct targets, but they get caught in a drive-by aimed at a larger enterprise.
The Colonial Pipeline breach is a significant example of a ransomware attack in which a major organization was shut down, affecting gas prices across a large part of the U.S. Investigations showed Colonial Pipeline had been experiencing suspicious behavior in its environment for over a week before receiving the ransom note.
The access point for the attack appeared to be a non-MFA VPN portal. To avoid a lengthy shutdown of critical infrastructure, the company was forced to pay a nearly $5 million ransom.
How to Defend Against Today’s Threats
When combatting today’s threats, your company should deploy strong solutions that are not necessarily best of breed. Preventing attacks means actively monitoring for and hunting threats in your environment. To gain threat intelligence, you must integrate as much valuable log data as possible. Maintain an immutable backup plan with recovery that addresses your worst-case data loss and conduct ongoing vulnerability assessments either weekly or monthly
Right! Systems can help your company prevent the leading types of cyberattacks. We are expanding our service offerings in managed and co-managed security to include:
· Endpoint Detection and Response (EDR)/Endpoint Protection Platforms (EPP)
· Identity management through Multi-factor Authentication (MFA)/Single Sign-On (SSO)
· Email security
· Active firewall
· 24 x 7 SOC Services
· Managed SD-WAN/SASE
· Operations assistance for day-to-day management with expert-level support on escalations
We can help your company put these tools together into a security strategy that fits the current risk landscape.