Taking a proactive approach to cybersecurity threats should be included in each and every business plan as the digital transformation continues to take hold. Each year, cybercriminal attacks grow more complex and sophisticated, requiring companies to be more vigilant in their security protocols and defenses. Here are five of the top cybersecurity threats to your company:
Social engineering and phishing attacks
In 2020, a social engineering attack on Twitter reminded the world how vulnerable companies are to cyber threats. The occurrence involved a few employees through a phone spear-phishing attack and created a security breach that impacted dozens of very high-profile Twitter accounts. Since the attack, the team at Twitter made changes to their security protocols to prevent further breaches.
A recent estimation puts the number of spoofing and phishing attack emails sent each day at just over 3 billion. These aren’t just directed towards individuals on their home computers, but hundreds of thousands of employees going about their workday. This statistic reveals the overwhelming need to have strong IT security solutions in place.
Phishing attacks use fraudulent texts, websites, or emails to lure a victim into revealing sensitive information such as online account passwords, financial account details, or credentials to work systems. Such attacks are common on individuals and businesses because of how easy, effective, and cheap they are to execute.
These serious attacks can have a detrimental impact on a company when personal information (for vendors, consumers, or employees) or business information is stolen. But the good news is: companies can use training to make employees aware of phishing attempts, as well as take steps to implement anti-phishing solutions to detect these attacks. KnowB4 training uses mock attacks and interactive Web-based training for employee awareness, while email security can be achieved through Cisco AMP.
Internet-of-Things (IoT) attacks
There is a growing number of internet-connected, or IoT, smart devices in use by businesses across all industries, which include devices such as the ABB robot with predictive maintenance capabilities or the industrial smart glasses used by Airbus. This means that such devices must be equipped with security features that can withstand hijacking attacks or attempted network-related attacks. An unsecured IoT device allows cybercriminals to infiltrate a business network and distribute malware or conduct denial-of-service attacks. IoT devices often lack the security patches needed to continually secure them from being compromised – or a business might also lack the ability to keep up with software updates to these devices, leaving them open to vulnerabilities.
Addressing the concern with IoT starts with a comprehensive inventory of all connected devices on the network and the various operating systems they run. Firmware updates are crucial to make sure patches are properly and promptly installed. Always document any new addition of a smart device to your company inventory, and have complete updates conducted prior to connecting the local system.
In particular, double extortion ransomware attacks are a serious threat. The group REvil was the first group to be identified using this threat, but other groups have begun to employ the tactic, too. In these attacks, the hackers infiltrate a company network and insert a Trojan horse that seeks out important or sensitive files to encrypt. The virus displays a warning screen that threatens to destroy the files unless a specified ransom amount is paid. However, the hackers go one step further and threaten to auction off or sell the encrypted data that is being held at ransom, giving companies more of an incentive to comply with the ransom demands. VPN concentrators and a remote desktop protocol are vulnerable to these ransomware attacks because of the direct exposure to both the internet and a company’s network.
Updating VPN systems with the latest updates and patches can reduce the attack surface for remote employees. Using multi-factor authentication (MFA) for both outer layer and internal resource access, as well as instituting an effective password change protocol can also protect against a password-spraying attack. Use mediation gateways for RDP users to avoid direct exposure of the system to the internet.
Employee behaviors and abuse of internet access are some of the biggest security threats a company can face. Whether accidental or intentional, the choices employees make concerning their internet use, password confidentiality, or email habits can open a company up to serious security liabilities and threats. Downloading malware, regardless of the reason, causes considerable damage to private information and company data.
Through the guidance of a good systems administrator and internet monitoring software, companies can reduce the risk of an internal attack. In addition to implementing strict IT access privileges where users only have the minimum required access for the job, having a system management support team can ensure that the company’s IT solutions are prepared for any threat. Implementing protocols that revoke user privileges and access, as well as strong security firewalls, can also prevent inside attack success.
Additionally, the employee offboarding process should not be overlooked, as many employees who have access to software as service applications may still have access to specific web apps after they have left the company. Employees who rely on personal devices may still retain access to the web apps with a personal account even if their work email has been deactivated. A SaaS management tool can help close digital points of access during offboarding.
System administration exploitation
Management administration tools aren’t a new target for threat groups, as more than 50% of threat actors rely on system administration and penetration testing tools that are publicly available as the foundation of their threat strategies. System administration tools such as PowerShell Empire or Cobalt Strike will face increased exploitation over the coming year. Attackers will continue to use these tools to install harmful software directly into the memory of the computer, making it much harder to be detected.
To address these concerns, system administrators will need to rely on artificial intelligence (AI) and machine learning. AI and machine learning are able to analyze massive amounts of data and identify threats before exploitation occurs. The computer, through machine learning, will observe anomalies more quickly and reliably than human insight, proactively searching for vulnerabilities through a number of factors.
Address potential threats
Your company’s security could easily be the most important motivation to partner with an IT managed services and security provider. Businesses of all sizes face cybersecurity threats, and an in-house only structure may not have the resources or experience to meet the latest security trends and threats.
ZAG can provide an assessment of your system while delivering the kind of support and oversight needed to augment your IT department’s resources or serve as your IT support on a day-to-day basis. Ready to learn how to better protect your network? Contact us today to discuss your company’s security needs.