Cybercrime is prominent and will continue to evolve amid a growing cyber threat landscape. When organizations scale, the risk increases with their reliance on cloud-based systems, an expanding global workforce and attackers’ more sophisticated social engineering tactics. Security professionals are not only challenged with fixing these issues, but tasked with conducting educational training and running cybersecurity awareness programs.
Here are the top five cyber-threats that continue to plague organizations today, and how security teams can prevent cyberattackers from breaching critical business data.
Broken access control — the number one cyber threat
Broken access control continues to be a major problem for organizations. Permission pathways need to be defined explicitly, because when users can reach more information than their role requires, private data is exposed, which can ultimately lead to a breach of confidentiality. According to the Open Web Application Security Project’s (OWASP) 2021 report, broken access control is listed as the number one threat, having moved up from the fifth spot in the 2017 report, and it remains one of the most common vulnerability classes.
Zero trust is more than a buzzword — it’s how organizations should operate their security systems. Whether malicious or not, every employee has the ability to expose company data and is thus a potential threat to the organization. The solution is for security leaders to conduct thorough data authorization audits and routinely check that information is flowing only to the hands it belongs in — and if it’s not, remediate permissions in each department.
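To make the two points above concrete, here is an added example (not from the article or from Cobalt) showing what an access check looks like when it ties the caller’s role to the ownership of the specific record requested, alongside the routine authorization audit the paragraph calls for: comparing what each account actually holds against what its role should hold. The role model, permission names, users and payroll records are constructed sample data.

```python
"""Role-aware access check and permissions audit for a payroll service.

Added example, not from the article or from Cobalt. The role model,
permission names, users and payroll records below are constructed
sample data chosen to illustrate the point; a real system would load
them from its identity provider and database.
"""
from dataclasses import dataclass, field

# Hypothetical role model: the permissions each role is meant to hold.
ROLE_PERMISSIONS = {
    "employee": {"payroll:read_own"},
    "manager": {"payroll:read_own", "payroll:read_team"},
    "hr_admin": {"payroll:read_own", "payroll:read_team",
                 "payroll:read_all", "payroll:write"},
}


@dataclass
class User:
    user_id: str
    role: str
    team: str
    # Permissions actually granted in the system; these can drift from the role.
    granted: set = field(default_factory=set)


@dataclass
class PayrollRecord:
    owner_id: str
    team: str
    salary: int


def can_read(user: User, record: PayrollRecord) -> bool:
    """Decide whether `user` may read `record`.

    The broken pattern is to check only that the caller is authenticated and
    then serve whatever record id the client asked for. Here every branch ties
    the caller's role to the ownership of the specific record requested.
    """
    perms = ROLE_PERMISSIONS.get(user.role, set())
    if "payroll:read_all" in perms:
        return True
    if "payroll:read_team" in perms and record.team == user.team:
        return True
    if "payroll:read_own" in perms and record.owner_id == user.user_id:
        return True
    return False


def audit_excess_permissions(users):
    """Return {user_id: sorted permissions granted beyond the user's role}.

    This is the routine authorization audit the article calls for: compare
    what each account actually holds against what its role should hold.
    """
    findings = {}
    for u in users:
        excess = u.granted - ROLE_PERMISSIONS.get(u.role, set())
        if excess:
            findings[u.user_id] = sorted(excess)
    return findings


# Constructed sample data.
ALICE = User("alice", "employee", "sales", {"payroll:read_own"})
BOB = User("bob", "manager", "sales", {"payroll:read_own", "payroll:read_team"})
# Carol's grants drifted: an employee who was handed write access.
CAROL = User("carol", "employee", "eng", {"payroll:read_own", "payroll:write"})
ALICE_PAY = PayrollRecord("alice", "sales", 70000)
DAVE_PAY = PayrollRecord("dave", "eng", 90000)

if __name__ == "__main__":
    print("alice reads own record:", can_read(ALICE, ALICE_PAY))
    print("alice reads dave's record:", can_read(ALICE, DAVE_PAY))
    print("bob reads teammate alice:", can_read(BOB, ALICE_PAY))
    print("excess grants:", audit_excess_permissions([ALICE, BOB, CAROL]))
```

The audit is deliberately separate from the runtime check: the check stops a single over-reaching request, while the audit, run on a schedule, catches grants that have drifted away from the role model before anyone exercises them.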
Phishing scams and social engineering hacks
Phishing scams are a common type of social engineering attack. Malicious actors manipulate the end user through emotions such as fear and urgency to exploit their susceptibility. Common lures include requests for donations via fake websites and prompts to update login credentials for banks or streaming services. According to a recent report on email threats, email phishing attacks increased 48% from January to June 2022.
With remote work becoming the norm, malicious actors are becoming more sophisticated in their phishing attack strategies and tactics. The most common ones we see today include false shipping updates, healthcare appointment reminders and inquiries from bosses or coworkers to lure people into giving them login credentials or personal or financial information. The best way to prevent these cyber threats and protect vital information is through cybersecurity education.
Compliance dips in security
The talent shortage among security professionals is resulting in weakened security postures. Unfortunately, the risk continues to increase as organizations lay off workers, including members of their security teams. Many organizations implement penetration testing only to check the box during mandatory compliance audits. However, if routine pentesting isn’t performed between these compliance cycles, the risk of a breach rises. There can be pockets of time where organizations do not know whether they are fully protected, resulting in security gaps.
With security teams smaller than ever, automation is key in closing this gap – and there are tools to help facilitate faster, more targeted security testing. For example, smaller, ad-hoc pentests allow organizations to shift security left in the CI/CD pipeline and accelerate their DevSecOps journeys. Agile testing allows organizations to test individual product updates or smaller components of a system rather than waiting for a full annual assessment.
To minimize risk and increase efforts toward remediation, security teams must proactively identify and address security gaps through consistent testing.
Internet of Things
Connectivity and data exchange via the Internet of Things (IoT) open an entirely new avenue for bad actors to expose private information. IoT architecture is closely intertwined with our personal lives; it includes everything from household appliances to industrial and manufacturing tools.
With the European Union’s (EU) legislation proposing strict mandates for cybersecurity by 2024, IoT product companies overseas are scrambling to meet regulations. Much as with General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), it is only a matter of time before the U.S. passes mandates for IoT organizations to strengthen their cybersecurity.
Updating software and firmware consistently is essential to patching vulnerabilities and preventing attacks. Businesses that deploy IoT devices can educate their employees on the importance of applying updates and make clear that doing so is also a personal responsibility. Additionally, strong password protection and changing passwords regularly help avoid the insecure default credentials that let devices be conscripted into distributed denial of service (DDoS) attacks. Password protection isn’t bulletproof, but using a different password for each device and regularly changing passwords to be more complex can help deter attacks.
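The three hygiene points in this section (replace default credentials, don’t reuse a password across devices, keep firmware current) are exactly the kind of thing a defender should be able to check across an inventory rather than device by device. The following is an added example, not from the article or from any vendor: the inventory format, the factory-default credential list and the “latest firmware” table are constructed assumptions, standing in for what a device management system and the vendor’s release notes would supply.

```python
"""Audit an IoT device inventory for insecure defaults, reused passwords and stale firmware.

Added example, not from the article or from any vendor. The inventory
format, the factory-default credential list and the "latest firmware"
table are constructed assumptions; in practice they would come from the
device management system and the vendor's release notes. Credentials are
compared as SHA-256 digests so the audit never handles plaintext.
"""
import hashlib
from collections import Counter


def sha256_hex(text: str) -> str:
    """Unsalted digest used only to match against known defaults and detect
    reuse across devices; this is not how a device should store passwords."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


# Constructed: factory-default credentials commonly shipped on devices.
KNOWN_DEFAULT_HASHES = {sha256_hex(p) for p in ("admin", "password", "12345", "default")}

# Constructed: newest firmware per (hypothetical) model, as version tuples.
LATEST_FIRMWARE = {"cam-100": (2, 4, 1), "thermo-7": (1, 9, 0)}


def parse_version(version: str) -> tuple:
    """'2.3.0' -> (2, 3, 0) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.split("."))


def audit_devices(devices):
    """Return {device_id: [finding, ...]} for every device with at least one finding.

    Each device is a dict with keys: id, model, firmware, password_sha256.
    Findings:
      default-credential  password matches a known factory default
      password-reused     the same password is configured on another device
      firmware-outdated   firmware is older than the vendor's latest release
    """
    reuse = Counter(d["password_sha256"] for d in devices)
    findings = {}
    for d in devices:
        issues = []
        if d["password_sha256"] in KNOWN_DEFAULT_HASHES:
            issues.append("default-credential")
        if reuse[d["password_sha256"]] > 1:
            issues.append("password-reused")
        latest = LATEST_FIRMWARE.get(d["model"])
        if latest is not None and parse_version(d["firmware"]) < latest:
            issues.append("firmware-outdated")
        if issues:
            findings[d["id"]] = issues
    return findings


# Constructed sample inventory.
SAMPLE_INVENTORY = [
    {"id": "cam-01", "model": "cam-100", "firmware": "2.4.1",
     "password_sha256": sha256_hex("admin")},
    {"id": "cam-02", "model": "cam-100", "firmware": "2.3.0",
     "password_sha256": sha256_hex("Lobby#cam-2!")},
    {"id": "cam-03", "model": "cam-100", "firmware": "2.4.1",
     "password_sha256": sha256_hex("Lobby#cam-2!")},
    {"id": "th-01", "model": "thermo-7", "firmware": "1.9.0",
     "password_sha256": sha256_hex("W4rm-r00m_th1")},
]

if __name__ == "__main__":
    for device_id, issues in audit_devices(SAMPLE_INVENTORY).items():
        print(device_id, ", ".join(issues))
```

Versions are compared as integer tuples rather than strings so that, for instance, "2.10.0" sorts after "2.9.0"; reuse is detected by counting identical digests across the inventory, which is why the same hash appearing on two cameras flags both of them.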
Ransomware-as-a-service
Pay-for-use malware, better known as ransomware-as-a-service (RaaS), is a growing threat from organized cybercrime gangs, whose polished strategies and business models make them run like companies. Within the past year, Vice Society, a cybercrime group, attacked the Los Angeles Unified School District. When the ransom was not paid, they leaked 500GB of private data from students and faculty. According to a recent Sophos study, the average cost to recover from a ransomware attack in 2021 was $1.4 million, a price tag most organizations can’t afford.
Digital transformation accelerated the past few years, and in parallel so did ransomware technology and methods. With the shift to cloud computing, these bad actors now have a global reach, and have capitalized on vulnerable organizations still configuring their security systems.
The best way for organizations — large and small — to bolster their IT and security infrastructure and prevent ransomware attacks is to conduct continuous testing and monitoring and to act on the insights ethical hackers provide.
News headlines about cyberattacks are rampant and the severity of attacks continues to increase, so it is up to every individual to bolster their organization’s security posture through education, awareness and training. As technology continues to develop, cybersecurity threats will infiltrate new mediums, but many of the threats will remain the same in principle. It will take consistent evaluation of processes, people and systems for organizations to be prepared and operationally resilient. By utilizing insights from ethical hackers, instituting routine testing and leveraging automation, organizations can be better prepared for potential threats.
Jay Paz is senior director of pentester advocacy & research at Cobalt.