Cyber Attacks: Understanding the main causes of widespread security vulnerabilities
Cyber attacks are becoming a new reality that we must deal with. WannaCry ransomware, which hit 150 countries over a week ago, encrypted over 200K hard drives. As described in previous Insights articles, ransomware freezes your data until you pay the criminals who launched the attack. While sensational, WannaCry was by no means an isolated event. Cyberattacks cost businesses approximately half a trillion dollars in damages every year. Unfortunately, malware is mutating so fast that new threat patterns are hard to identify.
Why the widespread vulnerability to cyber attacks?
Don’t assume you’re safe from future cyber attacks because you no longer use Windows XP (the most vulnerable OS to WannaCry). While Microsoft quickly provided a patch after this month’s attack, not only for Windows XP but also for Windows 8 and Server 2003 operating systems, for many the damage was already done.
You may wonder why so many organizations were still using Windows XP, as was the case for a number of British hospital systems. The underlying problem in most such incidents is a lack of funding to update systems. This is a frequently cited reason for the vulnerability of government systems to hacking.
To better protect your business from cyber attacks moving forward, be aware of the following:
- Business owners, especially small business owners, need to take responsibility for updating their legacy technology. While most companies can’t afford to staff an IT department, CEOs should consider hiring an IT security consultant to inspect their systems for vulnerabilities.
- With so many web-based, cloud-based, and mobile-device external applications, the days of housing private data internally are long gone. It now requires a much more sophisticated, multi-layered security system to deal with internal and external threats.
- Doubting the value of IT departments, business owners increasingly rely on SaaS (cloud-based software as a service) products and third parties to provide and protect their technology. Although Big Data-based services can often detect and remove malware, when not properly protected, they can also contribute to major security problems.
- Another security challenge is having one centralized security monitoring system, resulting in only one firewall protecting against attacks. This creates greater vulnerability and a much more labor-intensive process to isolate malware and remove it.
- Understand that though you may have the newest computers on most of your desks, one outdated computer system or unsecured device can bring down your entire digital infrastructure. This is why it is often worth the investment to hire a third party to monitor your systems for weaknesses, including all digital devices used for company business.
Next, I’ll describe concrete measures you can take to protect your systems from malware attacks.
You need protection against cloud-based malware
NEW Ransomware Scam Alert—
The WannaCry ransomware attack has spawned at least one Trojan horse malware app that promises protection but instead infects your system. This breaking news underscores the importance of NOT downloading apps from third-party sources. Always research the app developer and reviews to make sure it’s legitimate. Also, be sure to update your devices with the latest security patches.
The increasing vulnerability to cyberattacks can be attributed to (1) outdated legacy security systems, (2) a failure to adopt or update cloud-based big data security, and (3) unsecured digital devices. While big data has greatly improved predictive analysis, many companies lack a multilevel, integrated security system capable of preventing attacks from cloud-based big data repositories. Having an outdated legacy security system means that even after malware is detected, it will continue to damage your company’s systems until an IT team can shut down all systems to remove it.
The challenge: Malware & Ransomware
Cloud-based platforms like StreamNation and Dropbox have been extensively attacked. These and other big data repository breaches highlight the importance of ensuring the validity of your incoming cloud-based information. With the right tools, you can track the origination, type, and timing of data. Some banks, for example, confirm a user’s identity by tracking how they normally use their computer mouse compared with new transaction input.
Strategies for improving your Big Data security
- Adopt decentralized cyber security architectures that automatically disconnect from a breached system and any affected equipment, immediately putting them into a “safe mode” default.
- Invest in new-generation, multi-level security systems that learn to identify and prevent emerging attacks by searching for anomalies and assessing the probability they are malware. Anything suspicious is automatically added to an ever-expanding list of potential threats.
- Incorporate access controls to differentiate the level of data confidentiality your users have access to.
- As stated in previous posts, ensure your employees and other users are trained to detect malicious content and understand the critical importance of continually downloading system updates.
- Finally, consider updating or replacing your Security Information and Event Management (SIEM) system. SIEM is a long-standing approach to security management that companies have used for quick identification, analysis, and recovery of security events. Unfortunately, most SIEM systems have failed to keep up with new threats. Older SIEM systems, especially, fail to recognize the origination of threats, hacker impersonations of companies, or employees who steal data. Whether new SIEM systems will adapt to these and emerging IoT (Internet of Things) challenges is yet to be determined.
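The anomaly-scoring and automatic safe-mode strategies listed above, as an added example that is not part of the original article: each host's file-modification rate is compared with its own baseline, suspicious readings go on a watchlist, and the host is put into safe mode. The host names, rates, thresholds and the files-per-minute signal are constructed assumptions, and the normal-CDF score stands in for whatever probability model a real product uses.

```python
import math
from statistics import mean, pstdev

# Constructed sample data: files modified per minute on each host.
BASELINE = {
    "hr-laptop-01": [4, 6, 5, 7, 5, 6, 4, 5],
    "file-server-01": [40, 38, 45, 42, 39, 41, 44, 43],
}
CURRENT = {"hr-laptop-01": 310, "file-server-01": 44, "kiosk-07": 12}

THRESHOLD = 0.999   # assumed cut-off for "suspicious"
MIN_SAMPLES = 5     # assumed minimum history before a host can be scored


def suspicion(history, observed):
    """Score 0..1: how far above this host's own baseline the reading sits."""
    mu = mean(history)
    sigma = max(pstdev(history), 1.0)  # floor so a flat baseline cannot divide by ~0
    z = (observed - mu) / sigma
    return 0.5 * (1.0 + math.erf(z / math.sqrt(2.0)))  # one-sided normal CDF


def evaluate(baseline, current):
    """Return (watchlist, states); baselines learn from normal readings only."""
    watchlist, states = [], {}
    for host, observed in current.items():
        history = baseline.setdefault(host, [])
        if len(history) < MIN_SAMPLES:
            # Unknown host: flag for review, but do not isolate on no evidence.
            watchlist.append((host, observed, "no baseline"))
            states[host] = "connected"
            history.append(observed)
            continue
        score = suspicion(history, observed)
        if score >= THRESHOLD:
            watchlist.append((host, observed, f"score={score:.4f}"))
            states[host] = "safe_mode"   # isolate; keep the spike out of the baseline
        else:
            states[host] = "connected"
            history.append(observed)
    return watchlist, states


if __name__ == "__main__":
    wl, st = evaluate({h: list(v) for h, v in BASELINE.items()}, CURRENT)
    for entry in wl:
        print("watchlist:", entry)
    print(st)
```

Keeping flagged readings out of the baseline matters: if spikes were learned as normal, a slow ramp-up of malicious activity would gradually raise the bar and stop triggering isolation.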
In my next article, I’ll describe the growing necessity of ‘Secure-by-Design’ protections for all products.