2016 Security Threats: Profits – Not Mayhem – the Real Aim
Computer security is one of the most frustrating tasks IT pros undertake — the news never seems to get better.
2016 is shaping up to be as tough a year as any. New threats are emerging, old threats are being recast to appear as new, and we face a massive shortage of security professionals and not enough budget to hire the few experts that are available for employment.
Fortunately, while the threats ever worsen, our protections keep getting stronger. The right tools with the right processes and proper IT and end user training go a long way in keeping us all safe.
IoT: Threat Far Larger than Devices
The Internet of Things (IoT) is exploding. And why shouldn’t it? These small, inexpensive gizmos don’t require much management or repair, and because they are based on IP, they can communicate over the internet or with other IoT devices.
The problem is many manufacturers don’t take security seriously, making these devices easy pickings.
This has led to the rise of ThingBots, where hackers take over thousands of IoT devices and use them to spread spam or launch denial of service attacks, among other things.
Two years ago, hackers took over more than 100,000 IoT-based TVs, refrigerators and other appliances and used them to send out some 750,000 malicious emails.
This year, a similar thing happened as cyber criminals commandeered 25,000 closed-circuit cameras and used them to launch a massive DDoS attack.
The answer: IT pros have to be particularly careful and both vet and control the IoT devices that could potentially access your network. At the same time, you need to improve your security posture with a special emphasis on IoT.
Mobile: A Growing Attack Vector
Early smartphones weren’t usually a hacker target. There just weren’t enough of them around and they were mostly used for voice, text, photos and play. Now these devices are every bit as critical as the PC, and cybercriminals are taking heed. The Bring Your Own Device (BYOD) movement has made them even more attractive targets.
Hackers get in a couple of different ways. Sometimes they attack the systems software, but more often than not they go after the apps.
The answer: Users should only download apps that are vetted. And IT departments need to have policies about company data on a phone, and have software in place to protect that data in case of loss or breach, such as the ability to remotely wipe company data.
Extortion and Ransomware
There is a relatively new form of extortion called Ransomware that is still on fire. Breaking Bad is the most popular form, but new variations are built on tools such as Breaking Bad.
Ransomware locks down a computer by encrypting the data and then forcing a payoff. While initially aimed at consumers who will shell out several hundred dollars to get photos, pictures and documents back, it is increasingly attacking businesses as well.
While Ransomware rages on, there is another form of extortion aimed at corporations. Hackers either gain access to corporate data (or claim to have access) and demand a reward not to release it publicly. Where a good backup can defend against ransomware, this other extortion hack can succeed no matter how many backups you have – it is the release of the data, not the loss of the data, that is the danger.
The answer: For ransomware, the best defenses are good security solutions such as patching and anti-malware. Just as important, have a solid backup process that covers all the critical data for your business. While a hacker might compromise your primary storage, they probably won’t get to your backup.
Retailers Continue to Be a Large Target (Pun Intended)
Why do cybercriminals love going after retailers? Because that’s where the personal data and credit card numbers are. And a successful attack can yield millions of these records. One of the most well-publicized attacks, on Target, netted records on 40 million customers. It’s important to note, however, that these hackers didn’t breach Target directly. They managed to enter the retailer’s systems via a contractor’s electronic billing link. Of course, other massive breaches have followed. This data is often resold to those running sophisticated identity theft rings.
The answer: Retailers, of course, must take special heed to comply with all aspects of PCI-DSS, especially the newer rules that say that anyone who “might” come in contact with credit data has to be fully up to speed on PCI compliance – including any contractors. For more information on steps IT Ops can take to protect retail data and systems, check out our white paper “How to Overcome 9 Tough Retail IT Challenges.”
Healthcare Breaches Not About to Stop
Hackers and cyber criminals also love to go after healthcare organizations. These attacks have a major negative impact on the victims, always a big hacker motivation. Even better, the detailed personal records that are often stolen are great fodder for identity theft, or for gaining false prescriptions which can be used or resold.
The answer: Healthcare organizations also must follow strict regulations, such as HIPAA in the United States, as an absolute guide. Access to patient records must be tightly controlled, and encryption used everywhere possible. At the same time, you must use defense-in-depth, and make sure all your safeguards, such as anti-malware, are top quality and always kept up to date.
For more information on how to protect IT data and systems, check out our white paper “HIPAA Compliance: IT Automation Makes It Almost Simple.”
Banks Need to Tighten Their Vaults
Like healthcare organizations and retailers, banks (and credit unions) are a huge target. Not only is there money available for top-tier banking hackers, but there are credit card numbers and enough personal information to keep identity theft criminals busy for years.
The answer: Like with healthcare, regulations truly are a bank’s and a banking customer’s best friend. PCI-DSS in the US helps ensure that credit cards and related data are kept safe. Banking IT pros also have to keep up with the latest breaches to see what went wrong and try to keep the same thing from happening to their organization.
And malware is a top method for criminals, so make sure you have strong zero day defenses.
For details on how banks and credit unions can minimize exposure of their IT systems and data, download our white paper “How to Manage IT Risk Like a Big Bank – Without a Big Bank Budget.”
More Answers and Tips and Tricks
There are two lines of defense against hack attacks: IT pros and end users. IT pros with real security expertise know how to block or mitigate attacks, but there are always new ones to combat. End users and consumers are far less prepared.
Since end users are so vulnerable, IT should continually train these workers.
Here are some key areas:
- Teach them to not open attachments from untrusted sources
- Make them use strong passwords that include numbers, lower case and capitalized letters, and have them changed often
- Urge them not to open suspicious emails, especially those asking that they enter sensitive data
- Create a policy where sensitive documents are regularly destroyed
- Teach them how social engineering works and how to thwart it
Kaseya VSA Offers Strong SMB Protection
Kaseya VSA is an IT system and endpoint management solution that can enable IT Ops staff to increase device uptime, performance and security. VSA lets you monitor, manage, and secure all devices through a single console with fast, comprehensive remote control.
With VSA, IT pros can:
- Discover, audit, inventory and monitor clients, servers and the network. This way, IT staff knows they have full visibility into their network and all attached devices, as well as real-time status on all operating details for these devices. Any issues or deviations from normal operating conditions can be identified by VSA, with proper remediation deployed and/or alerts sent to IT staff.
- Keep systems up-to-date with patch management and software updates. The easiest PCs to attack are those that aren’t patched.
- Maintain and run antivirus/anti-malware tools. Malware is still the number one way systems are compromised. Up-to-date antivirus/anti-malware is the best line of defense.
The great news is that all these benefits can be automated, based on predefined policies that you set and manage based on your business’ needs. For example, patch updates can be automatically downloaded and installed based on predefined patch policies and schedules that minimize network impact. This saves IT time and money, and ensures that these processes happen on schedule.
Kaseya AuthAnvil Multi-Factor Authentication Secures Access
Authentication needs to be tighter than ever, especially as many regulations, such as PCI-DSS, keep getting stricter. In the case of PCI, new rules mean that all those that COULD come in touch with credit card holder data MUST have two-factor authentication. Not just those directly and regularly involved.
Kaseya AuthAnvil provides multi-factor authentication – as well as the ability to encrypt all user passwords and the data as it is transmitted.
There are two other layers of authentication protection. AuthAnvil includes single sign-on (SSO), which makes it easier for end users to log on securely to multiple services. And password management enforces key issues such as strong passwords, frequently changed passwords, and decommissioning a password when an employee leaves.