As organizations increasingly leverage cloud-based applications and look at another year of working from home, security professionals predict increased cybersecurity threats and vulnerabilities. Some estimates put the increase in attacks during the pandemic at 400% or more. Global cybercrime costs are expected to grow by 15% per year over the next five years, reaching $10.5 trillion annually by 2025.
What should you expect? Malware attacks, ID theft, ransomware, and cloud-based network attacks. Those are the most common criminal attacks, and below we discuss the employee behaviors and the cybersecurity threats and vulnerabilities that can trigger each of them.
For business leaders, it’s time to operationalize security, meaning weaving security practices and “mindfulness” into the daily actions and culture of the enterprise. Doing so is crucial to preventing cybersecurity threats and vulnerabilities.
Malware Attacks
Malware is any type of malicious software that’s installed on someone else’s device without their knowledge. Attackers use it to gain access to personal information, damage the device, or access the computer network for criminal intent.
Ransomware (more below) is a type of malware that prevents or limits users from accessing their own system or data. The business must pay a ransom to regain access to its own systems or data. A network attack attempts to gain unauthorized access to an organization’s network. The objective is to steal data or perform other malicious activity.
Social Engineering and ID Theft
Good old-fashioned social engineering means someone emails or calls you and asks for your password or login information, claiming to be from IT, and you provide that info. Recently, this happened at Twitter. Someone messaged a Twitter employee asking for login info, claiming they were from Twitter IT. Before long, the bad actor was able to hack into the Twitter accounts of Bill Gates, Apple, Elon Musk and Barack Obama.
A company like Twitter spends millions of dollars on security software and security applications. Yet all it takes is one bad actor talking their way into login credentials and you’ve got a data breach. Microsoft reports that social engineering attacks have jumped to 20,000 to 30,000 a day in the U.S. alone.
ID theft is when someone uses another person’s personal identifying information, such as their name or identifying number, without their permission, to commit fraud or other crimes.
Cloud-Based Attacks
Another source of cybersecurity threats and vulnerabilities is the configuration of internet applications. As businesses increasingly utilize cloud technology, it is important to validate the basic security configuration. This relates to access control: ensure that only the permissions required for use are applied, nothing more. An example is using a cloud-based file share to share and collaborate on a document. Controlling access and permissions for use is essential, and they should not be set to ‘everyone’ or otherwise broadly permissive.
In one real-world example, an HR professional uploaded a document containing employee personal identifying info into a Dropbox folder that didn’t restrict access and was open to the ‘public.’ So you had PII, personal identifying info, that was accessible to any public entity that could find the open folder (and there are tools to scan and do just that). You always need to configure access so that only the people who specifically need it have it. Also, any access needs to be thought through from a security perspective, where security professionals implement the following:
- Implement strong passwords.
- Use two-factor and/or multi-factor authentication (any secondary form of authentication, such as an SMS text PIN or a soft or hard token, which some enterprises implement).
- Check and maintain your access controls and permissions over time. Update as required.
- Delete data/files when they are no longer needed. Don’t let them sit there in perpetuity.
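One way to run the access and retention checks listed above over an inventory of shared files, as an added example that is not part of the original article. The record format, field names and thresholds are assumptions, and the sample data is constructed.

```python
from datetime import date

# Thresholds are assumptions for this example, not values from the article.
REVIEW_DAYS = 90       # how often access should be re-checked
RETENTION_DAYS = 365   # idle time after which a file is a deletion candidate
BROAD_AUDIENCES = {"public", "everyone", "anyone_with_link"}

# Constructed sample inventory (hypothetical export format).
SHARES = [
    {"path": "/HR/employee-roster.xlsx", "audience": "public", "members": [],
     "required": ["hr-lead"], "last_review": date(2020, 1, 10),
     "last_used": date(2020, 11, 2)},
    {"path": "/Finance/q3-forecast.docx", "audience": "named",
     "members": ["cfo", "analyst1", "intern7"], "required": ["cfo", "analyst1"],
     "last_review": date(2020, 12, 1), "last_used": date(2020, 12, 20)},
    {"path": "/Archive/2017-offsite-photos.zip", "audience": "named",
     "members": ["events"], "required": ["events"],
     "last_review": date(2020, 11, 15), "last_used": date(2018, 3, 4)},
    {"path": "/Eng/design-review.pdf", "audience": "named",
     "members": ["eng-lead"], "required": ["eng-lead"],
     "last_review": date(2020, 12, 15), "last_used": date(2020, 12, 28)},
]

def audit_share(share, today):
    """Return a list of finding strings for one shared item."""
    findings = []
    # Access must not be set to 'everyone' or otherwise broadly permissive.
    if share["audience"] in BROAD_AUDIENCES:
        findings.append("BROAD_ACCESS: audience is '%s'" % share["audience"])
    # Only the people who specifically need access should have it.
    extra = sorted(set(share["members"]) - set(share["required"]))
    if extra:
        findings.append("EXCESS_MEMBERS: " + ", ".join(extra))
    # Access controls must be checked and maintained over time.
    if (today - share["last_review"]).days > REVIEW_DAYS:
        findings.append("REVIEW_OVERDUE: last reviewed %s" % share["last_review"])
    # Data that is no longer needed should not sit there in perpetuity.
    if (today - share["last_used"]).days > RETENTION_DAYS:
        findings.append("DELETE_CANDIDATE: unused since %s" % share["last_used"])
    return findings

def audit(shares, today):
    """Map each path that has at least one finding to its findings."""
    report = {s["path"]: audit_share(s, today) for s in shares}
    return {path: found for path, found in report.items() if found}

if __name__ == "__main__":
    for path, found in audit(SHARES, date(2021, 1, 4)).items():
        for finding in found:
            print(f"{path}: {finding}")
```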
Teams and people need to run their apps by their InfoSec/cybersecurity team. When the security team lacks knowledge of or control over all the various apps being used in the enterprise, it becomes challenging for them to effectively perform their job and support everyone. (Pro tip: one key tenet of cybersecurity is knowing about ALL assets, systems and apps, and where data is stored, processed and transacted.)
Phishing Attacks
Phishing scams typically employ social engineering in traditional email and cloud services attacks. This can result in Business Email Compromise (BEC), Account Takeover (ATO), credential theft, ransomware and other security breaches. To trick your employees, emails are typically disguised as messages from trusted individuals, for example a manager, coworker, or business associate. This typically ends with the tricked employee activating the enclosed malware or granting unauthorized access. According to the 2020 Verizon Data Breach Investigations Report, 22% of breaches involved phishing. Phishing attacks will continue to be carried out through cloud applications as well as via traditional emails.
Ransomware Attacks
Ransomware attacks have been a significant concern for businesses over the past several years. Ransomware’s success is largely owed to the relative simplicity with which an attacker can achieve devastating effects. Ransomware operators have devised innovative ways to spread rapidly, dodge security protocols and launch successful attacks on targeted companies and individuals. This is a major cause for concern since the effects of a single ransomware attack can be extremely damaging to small and midsize businesses. This can lead to exorbitant costs associated with downtime and recovery. Given their increasing sophistication, greater frequency and new targeted approach, it can be safely said that the cost of ransomware will be much higher than in the past.
Social Media-Based Attacks
Social media has frequently been the medium of choice for launching various types of cyberattack. We predict attackers are likely to transition from targeting individuals to targeting businesses. For example, cybercriminals might launch an attack by announcing a new product or a webinar while mimicking a legitimate business. Once the user clicks on the registration URL, they would be redirected to a malicious website and driven to compromise personally identifiable information or credentials for multi-factor authentication.
Inefficient verification and authentication practices further enable social media attacks to succeed.
Passwords and Passphrases
Best practices on passcodes are always changing and there’s no one perfect answer. You can check out the National Institute of Standards and Technology (NIST) for the best guidance on password practices. Additionally, using a secure password management application ensures that your unique passwords are not stored in your browser history or written down in an unsecure spreadsheet. The real vulnerability is allowing your browser to store your passwords, which means your password may be exposed to the internet. Some browsers are less secure than others. In other words, you really don’t have any control.
Ideally, you don’t allow your browser to store your password. Instead, you use a secure application, such as LastPass, to store all your passwords. Another technique is to utilize two-factor/multi-factor authentication: a service or application texts the intended user a special code, and the user must input that code to authenticate. This is a second layer of defense. Lastly, NEVER reuse the same password across business and personal accounts. Credential theft is a highly prevalent vector, so think about it: if they get your credentials (user ID and a shared password), that could lead not only to broad unauthorized access, but also to your identity being stolen and possible company data loss or compromise. Don’t risk it!
Work-From-Home (WFH) Vulnerabilities
Working from home exponentially increases the risk of cybersecurity threats and vulnerabilities. You have a greater number of device variables and in-home variables, such as children, pets or even the mailman ringing the doorbell. People are accessing company systems using their own network devices and services. Each device has security configuration variables, and some are not configured to be secure by default. You also have the added variable of access to the internet outside of a corporate setting. This is where specific security threat mitigation controls may be applied and managed.
When working from home (or remotely, say from a hotel), people could be accessing the internet through an open access point. Your web activity is open and visible to anyone else on the internet. There could even be a ‘man-in-the-middle,’ where a malicious actor has set up a WiFi access point to intercept and monitor wireless network connectivity. Being aware of these variables is really important. Be mindful of potential vulnerabilities and threats. This will reduce the likelihood of being caught off guard.
Conclusion
In a nutshell, criminals are looking for any point of entry, which includes you (the person), to steal your data. In a corporate context, cybersecurity and protecting ourselves in our cyber-enabled world is a company-wide team effort, not just the responsibility of the info security team. Security-minded individuals can make a positive difference in how they work. That means staying vigilant to cyber threats and simply being aware that the internet, apps and tools we use every day to enable our productivity are good but, like just about anything, can also be vectors for nefarious actions and outcomes if we do not pay attention. Even though companies spend millions of dollars on security, you’re only as strong as each employee in the organization. For example, when employees are not trained and on guard, you become completely vulnerable to an attack.
Learn more about cybersecurity and how your employees can act as a human firewall to prevent cyber attacks in Emtrain’s Cybersecurity course. You can also listen to my talk on Emtrain’s LinkedIn Live segment, Always Learning.
Frequently Asked Questions (FAQ)
- What types of cybersecurity threats and vulnerabilities should organizations expect?
  Organizations should expect malware attacks, ID theft, ransomware, cloud-based network attacks, phishing attacks, and social media-based attacks.
- What employee behaviors can trigger malware attacks?
  Downloading untrusted software, clicking on malicious links, and visiting compromised websites can trigger malware attacks.
- How does social engineering lead to ID theft?
  Social engineering involves tricking employees into revealing sensitive information by posing as trusted entities.
- What measures can businesses take to prevent cloud-based network attacks?
  Businesses should validate security configurations, restrict permissions, use strong passwords, employ multi-factor authentication, and regularly review access controls.
- What are the best practices for managing passwords and passphrases?
  Best practices include using strong, unique passwords, secure password managers, two-factor authentication, avoiding browser-based storage, and not reusing passwords.
- Why are work-from-home (WFH) environments more vulnerable to cyber threats?
  WFH environments are more vulnerable due to diverse personal devices, distractions, varying home network security, and exposure to public WiFi.
- How can employees help operationalize security within an organization?
  Employees can help by being vigilant, following security policies, participating in training, reporting suspicious activities, and using secure tools.
- What is the impact of ransomware attacks on businesses?
  Ransomware attacks can cause financial loss, operational disruptions, data loss, and reputational damage.
- How can I mitigate phishing attacks?
  Mitigate phishing attacks through employee training, email filtering, multi-factor authentication, and regular system updates.
- Why is a company-wide approach to cybersecurity important?
  A company-wide approach ensures comprehensive protection, involving every employee in maintaining security and reducing risks.