How to protect against cyber threats
IT Pro looks at the four biggest enterprise cyber threats and how to protect against them...
The cyber threatscape is a dynamic and rapid environment where individual threats hit the victim, the headlines and the waste-bin of history in quick succession. Some threats, however, are the hardy perennials of the security world. So how do you deal with those?
Malware is short for malicious software, and long on threat durability. Last year enterprise organisations downloaded a piece of known malware every 81 seconds. Malware itself is constantly mutating, with some reports suggesting as many as 12 million new variants were produced every month last year.
To frame that rate of growth in some contextual perspective, more 'new' malware was seen across the last two years than the entire previous decade in total. As more and more criminals cotton on to the fact that they can still make a tidy profit by selling 'malware-as-a-service' packages, expect this number to keep growing.
Endpoint protection software - i.e. software which protects the actual laptops and smartphone used by employees - is a good first line of defence against malware, as many forms of malware (particularly older strains) will be caught by modern anti-virus programs and the like.
For the same reason, making sure your software is as up-to-date as possible when it comes to security patches is a must. Most malware takes advantage of security holes in older versions of software that go unpatched by lazy or overworked IT departments, and issuing the appropriate fixes can often plug many vulnerabilities with a single stroke.
Sometimes, however, the caca inevitably hits the fan, and if the worst should happen, backups are an excellent way to ensure your business can bounce back in hours rather than weeks. Taking regular backups is an excellent way to de-fang ransomware in particular, as simply restoring from yesterday's backup is easier, faster and cheaper than ponying up the bitcoin to get your devices unlocked.
Due to the extremely low entry requirements, phishing remains by far the most common attack vector for cyber criminals. The goals of a phishing attack can vary, ranging from simple financial fraud to credential theft and the installation of ransomware and rootkits.
Thankfully, phishing is relatively easy to defend against. There are numerous vendors selling phishing detection solutions and whatnot, but the simplest way of foiling phishermen is staff education. Training employees to spot suspicious emails in simulations and mock attacks can improve infection rates dramatically, and will pay dividends over time.
Of course, some attacks are more targeted than others and criminals will often use carefully-crafted 'spear-phishing' campaigns that have been specifically adapted to work against a certain target. These are more difficult to detect, which is where tools like spam filtering can be beneficial.
Distributed Denial of Service (DDoS)
Although malware remains at the top of hacker tools to disrupt network traffic and take websites down, enterprise-targeted DDoS attacks are hot on the heels of such strikes. In fact, the two often run side-by-side to cause as much disruption as possible to an organisation.
The problem with DDoS attacks is that they cause a huge amount of damage to a business and can bring an entire website down, even if the organisation thinks it has the capacity to deal with a digital battering ram. Consumers are largely kept out of the loop, only experiencing the results of the attack essentially, not being able to use a website rather than finding themselves directly targeted.
The motivation behind such attacks varies. Sometimes the attacker wants to take a political stand against the business in question, while other criminals might want to cripple the company financially. There's also the possibility of holding the firm to ransom, although it's less common than the other reasons behind DDoS attacks.
Whatever the reason hackers decide to launch a DDoS attack on a company, the overall motivation is to cause business disruption, affect customer churn and increase the cost of operating. Added to that, criminals sometimes use DDoS attacks to take the focus away from another attack on the network, so the onslaught could end up costing more than it originally appeared.
Business can protect against DDoS attacks using layered defences including 'scrubbing' networks, which entails passing it through high-capacity networks using scrubbing filters that clean the traffic, or by using web application firewalls that stop attacks from infiltrating the network.
At number three on our list of cyber threats to the enterprise is something way too many people don't properly understand: shadow IT.
Although the term itself is becoming more commonplace, it tends to be wrongly dismissed as being synonymous with the Bring Your Own Device (BYOD) mobile technology phenomena. The real threat, however, comes to the organisation through rogue services that employees (and management up to and including the C-suite are often amongst them) use to increase productivity but which are completely unauthorised.
By flying under the organisational radar these services, which can range from cloud storage provision through to social media tools, are also off the security map. Securing endpoints that aren't visible to you isn't easy. In fact, it's pretty much impossible to stop all shadow IT use, but you can control and secure it through a mix of education, policy and technology.
Educated staff who are aware of the risks associated with unauthorised service use are more likely to ask for help, especially if policy encourages this rather than brandishing an executioner's axe. The final piece of the puzzle is technology, which can help bring visibility and control back to the organisation. Small steps such as monitoring expenses and implementing authentication through a centralised billing system can have a big visibility reach.
WATCH: Learn more about the security threats facing businesses today and how to combat them in this free webinar WATCH NOW