Dark Reading is part of the Informa Tech Division of Informa PLC

6/19/2017
04:08 PM
Joseph Carson
News Analysis-Security Now

Deciphering the Threat Landscape

Why do we continue to see so many cyberbreaches? If we look at why many of the breaches in the past year have occurred, it comes down to three major factors.

With more than 3.5 billion Internet users worldwide, there are millions of opportunities for hackers to exploit. If we look at all the cyberbreach reports in the past year (and even in the last few months), we can clearly see that it has been a busy time for cyber criminals. Public reports describe more than 500 data breaches and more than 3 billion records stolen in 2016 alone.

So why do we continue to see so many cyberbreaches? If we look at why many of the breaches in the past year have occurred, it comes down to three major factors:

  • Human factor
  • Identities and credentials
  • Vulnerabilities

Every day, billions of people power up their devices and connect to the Internet to access online services so they can get the latest news, shop for the best deals, chat and connect with friends, stream music and videos, get advice for health, share their thoughts and access financial information. As more and more people and businesses use online services, they quickly become a target of cyber criminals and hackers. It is critically important to know how cyber criminals target their victims and what you can do to reduce the risk and make it more challenging for the attackers who steal your information, your identity or your money.

Cyberdefense is like a game of Space Invaders, with cyberattacks coming from all around the world, attacking your perimeter and devices and looking for the opportunity to gain access to your sensitive information. While all of this is happening, you are not able to fight back. You hope that the basic security controls you have are going to stop them all, and sometimes it is only a password that is the difference between security and becoming a victim.

Email and social media continue to be the primary weapons of cyber criminals, who use cunning techniques that play on trust and helpfulness to lure unknowing victims into simply giving up their secrets. Recent quizzes making the rounds on social media ask about your first five cars, the top five concerts you went to and cities around the world you have visited, all of which are common security questions used when resetting passwords. So, think twice about participating in social quizzes, as it might be a cyber criminal simply getting you to share information that will unlock your security.

Be very careful about all those emails you get. While they all look authentic and valid, containing real information about you and suggesting that you want to cancel an order, pay a speeding ticket, get tax returns easily or open an attachment, all of these could simply mean you are one click away from getting infected with ransomware or giving access to your devices to a cyber criminal who can then watch you via your camera and listen to your conversations. It is critically important to check every hyperlink to see where it is taking you. If you suspect something, simply do not click on it.

If you do become a victim of ransomware you literally have three options: you restore from a backup, you pay the ransom (with no guarantees) or you say goodbye to your files. This is why it is of the utmost importance that you back up your files onto external hard drives and make sure it is possible to easily restore them.

In this connected world with ever increasing cyberthreats, it is important that you use intelligence and smart steps to avoid becoming the next victim. Here are some smart steps you and your employees can take now.

  1. Limit personally identifiable information on social media.
  2. Do not use social logins and limit the use of application passwords.
  3. Limit what you do over public WiFi.
  4. Use a Virtual Private Network (VPN) to keep your Internet access private.
  5. Back up critical and sensitive data online and offline.
  6. Use password managers and protect privileged accounts.
  7. Keep systems patched and up to date.
  8. Before "clicking," stop, think and check if it is expected, valid and trusted.

— Joseph Carson is Chief Security Scientist at Thycotic and a Certified Information Systems Security Professional (CISSP).
