Swimming Upstream: A New Year of Information Security Threats - National Information Solutions Cooperative (NISC)

Regardless of size, from a “Mom and Pop Shop” to a Fortune 500 company, we are all vulnerable to cybercrime. At the beginning of each year, hundreds of security-focused websites predict the biggest threats of the upcoming attack season. As I research this information, I can’t help but notice how wide-ranging they are. Here’s a sampling from Websense:

  1. “Your refrigerator is not an IT security threat, industrial sensors are”: Experts are now focusing on the increasing attacks on businesses’ Internet of Things (IoT) and not just consumer products such as someone hacking your smart fridge. From a business standpoint, the areas of exposure are greater now than ever before with extensive network-connected devices…And the IoT can bring extensive vulnerability. Don’t worry about someone hacking your fridge and spoiling your milk; rather, worry about someone gaining access to your company’s network. That’s where the money is, so that is truly the focus of cybercriminals.
  2. “You are only who your phone says you are”: A growing threat is authentication and spoofing. Cybercriminals are finding new ways to access your information…and they are getting very good at it. A point to consider is that more often than not, the data on your phone isn’t necessarily what the criminals want…It is the avenues the phone opens up that are of value. If you lost your phone today, how easy would it be for the hacker to access items such as a Dropbox folder where you save all of your financial information? Your phone is logged in to a number of things, and if it fell into the wrong hands or was hacked, the implications are worse than just a horrible Facebook post done on your behalf.
  3. “Email threats are evolving”: Email threats are getting more sophisticated and evasive. No longer do these emails have spelling errors and obvious signs that they are not legitimate. The emails of today are quite refined, targeted and advanced to where most modern email security solutions can no longer tell the difference.
  4. “New cyber war players take a seat at the table”: The landscape of cyber war is ever-changing. New players are getting into the game as well as those who may have been there for years but are just being revealed now. I am sure you remember the massive overseas attack of secured, or seemingly secured, networks and the subsequent leak of classified documents. Most of cyber war is for a cause…And expect to hear more about it in the year to come.
  5. “Credit card breaches are the least of your worries”: The hackers have evolved beyond credit card theft. They are now focused on greater levels of information far beyond simple credit card information…and it is actively being traded and sold.

Every time I read these articles, I sit back and think, “Man, we’ve got a lot to try to address.” And as I try not to feel too overwhelmed, I can’t help but notice that one of the common threads amongst all of these titles is that human intervention is needed. In other words, it took one of us error-prone humans to implement or change each one of these items and open the doors to hackers…The key word being error-prone. I’m not saying that we are all incompetent, rather I’m just saying that we’re prone to error. One of our most commonly used approaches to reduce this error is to throw technology at it. But this turns out to be a vicious cycle: Throw technology at the problem and introduce more problems due to the way we are implementing it…And the technology that we just threw at it is not set up properly to do what it was intended to do.

It’s not my intention to get all gloom and doom on you…It’s to encourage you to stop and think. Maybe we are overcomplicating things where we don’t need to. Let’s try to simplify things a bit. It’s the little things that we tend to gloss over that could help us down the road. The mundane, repetitive, procedural tasks that we all hate to do. For example:

  1. A vulnerability gets opened in the firewall because we are in such a hurry to get the task done, and we inadvertently open too many ports. If this hole remains open, we are potentially letting in attackers.

    Suggested Approach:
    Ensure your IT department is documenting the changes and performing an external port scan on your IP range(s).
  2. Operating systems and applications that are supposedly getting patched to protect us from vulnerabilities may not be getting the patches applied.

    Suggested Approach:
    Ensure your IT department is visually spot checking (validating) the patch.
    Bonus Suggestion: Invest in a technology that will query your systems and provide an inventory of software and current patch levels.
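
As an added illustration of the first suggested approach (this example is not from NISC or the original article), the Python sketch below reconciles a documented list of firewall openings against the results of an external port scan. It assumes the scan was saved in nmap's grepable (-oG) format; the addresses, ports and change-ticket labels are constructed placeholders.

```python
import re

# Constructed sample: documented firewall openings (host, proto, port) -> change record.
DOCUMENTED = {
    ("203.0.113.10", "tcp", 443): "CHG-0001 (placeholder)",
    ("203.0.113.10", "tcp", 25): "CHG-0002 (placeholder)",
    ("203.0.113.20", "tcp", 443): "CHG-0003 (placeholder)",
}

# Constructed sample of nmap grepable (-oG) output taken from outside the network.
SCAN_OUTPUT = """\
# Nmap scan (constructed sample)
Host: 203.0.113.10 ()\tStatus: Up
Host: 203.0.113.10 ()\tPorts: 25/open/tcp//smtp///, 443/open/tcp//https///, 3389/open/tcp//ms-wbt-server///\tIgnored State: filtered (997)
Host: 203.0.113.20 ()\tStatus: Up
Host: 203.0.113.20 ()\tPorts: 22/closed/tcp//ssh///, 8080/open/tcp//http-proxy///\tIgnored State: filtered (998)
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)")


def parse_open_ports(grepable):
    """Return the set of (host, proto, port) tuples the scan reported as open."""
    found = set()
    for line in grepable.splitlines():
        match = HOST_RE.match(line)
        if not match or "Ports:" not in line:
            continue  # comment lines and "Status:" lines carry no port data
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            parts = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(parts) >= 3 and parts[1] == "open":
                found.add((match.group(1), parts[2], int(parts[0])))
    return found


def reconcile(documented, observed):
    """Split the differences into undocumented openings and documented-but-unseen ones."""
    undocumented = sorted(observed - set(documented))
    not_seen = sorted(set(documented) - observed)
    return undocumented, not_seen


if __name__ == "__main__":
    undocumented, not_seen = reconcile(DOCUMENTED, parse_open_ports(SCAN_OUTPUT))
    for host, proto, port in undocumented:
        print(f"UNDOCUMENTED open port: {host} {port}/{proto}")
    for key in not_seen:
        print(f"Documented but not open: {key[0]} {key[2]}/{key[1]} ({DOCUMENTED[key]})")
```

Anything in the first list is an opening nobody wrote down and should be reviewed; anything in the second is either a stale record or a service that is unexpectedly unreachable.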

It’s not getting any easier to keep track of all of our technologies and all the ways they integrate with each other. In the end, it is one big interconnected world. To try to bring a little sanity to the mix, we can’t forget to simply document and reintroduce the human element into validating our environments. There are many things we can do to stay vigilant…And this is truly one of the easiest ways to start.

If you would like to discuss further or have questions, don’t hesitate to contact the NISC Information Security Team at infosec@nisc.coop.