Next generation Cybersecurity Threats and Defences

The need to safeguard data and networks has never been more critical with cybersecurity threats evolving both in sophistication and scale. According to a 2019 survey of hackers and cybersecurity professionals attending the Black Hat Conference, service accounts are targets because hackers can easily lift privileges and gain access to sensitive information.

Despite the obvious threat, one in three security professionals indicate that service account passwords are changed only after an incident or never rotated. Both hackers and security professionals agree that the best ways to protect a service account from compromise is by removing unnecessary service accounts, rotating credentials frequently and monitoring all privileged account activity to detect suspicious behaviour.

Social media 

Joseph Carson (thycotic.com) reports that the biggest social media hack of 2020 occurred on 15 July with a tweetstorm targeting Twitter’s high-profile corporate executives, celebrities, and world leaders. These executives became the victims of account hijackings which resulted in unauthorised tweets generated from their accounts that could potentially have reached more than 360 million Twitter users.

“Kanye West, Elon Musk, Presidential Democratic Candidate Joe Biden, Michael Bloomberg, and former President Barack Obama all had unauthorized tweets sent out claiming they were giving away some of their wealth, and anyone who sent bitcoins to the specified BTC wallet would get their funds matched.”  Carson reports that more than $100,000 USD was sent to the BTC wallets in the first few hours of the tweets.

Jack Dorsey, co-founder and CEO of Twitter, responded to the attack by saying that security experts are considering a variety of theories of what might have transpired, including SIM swapping, social engineering, a sophisticated nation-state attack, cyber mercenaries, or malicious insiders. 

It is likely that the financial fraud component was not the main motive and could have been a ploy to demonstrate the cyber criminal’s ability to compromise high profile Twitter accounts. It is possible that an employee with an administrator role was targeted by a spear-phishing scam to steal their credentials. This is a common criminal hacker technique widely deployed today.

Carson says that “This incident is a great reminder of the importance of the principle of least privilege, sometimes referred to as zero trust”. Regardless of whether that access is at the authorization/administrative level or provides access to sensitive data, all employee access should be considered privileged access. Thus, all security controls must be improved to prevent abuse from both external and malicious insiders. When it comes to access, companies should ensure that employees have the least level of privilege, but still be able to complete their tasks. 

[us_single_image image=”37994″ onclick=”custom_link” link=”url:%2Fsolution-taken%2F%3Futm_campaign%3Dbusiness-solution%26utm_medium%3Dblog-126-cta-1|||”]

Cybersecurity measures

Since approximately 2017 cyber-attackers have been using the latest technology to exploit the vulnerabilities in systems and devices and conduct large scale, fast-moving and multi-vector mega attacks. Large and mega scale attacks influence all organisations, their operations, functionality, business continuity and reputation.

To combat these vulnerabilities, experts advise that businesses should develop a progressive cybersecurity methodology focused on efforts to stay ahead of current threats rather than merely maintaining a program that is compliant or has been successful in the past.

Organisations should create strategies to access and analyse the latest threat intelligence, prioritise information security budgets and enhance internal technologies to defend organisations against threats from ransomware, DDoS attacks, phishing and malware scams, and amplified vulnerabilities in mobile and Internet of Things (IoT) platforms.

Unpatched corporate software or insufficient security technology

Companies are advised to capitalise on cyber threat intelligence (CTI) resources and advanced detection technologies to predict how certain threats or attacks are evolving and what perceived vulnerabilities are being targeted.

Additionally, organisations may use advanced detection technologies such as Artificial Intelligence (AI) since machines are capable of cognitive functions such as anomaly detection and classification. Machine learning uses special data and algorithms to identify risks and develop solutions, providing a more-informed response than traditional rule-based security programs.

The Internet of Things

The risks and the high potential of threat in the IoT world is an example of ongoing development of security exploits that increases the sophistication of attacks. It also expands the number of attack vectors, and enables attacks to detect and adapt to previously unseen devices, applications, and platforms.

The solution neededNext Generation Cyber Security

Due to the high-level cyber threats, including IoT systems, traditional security is not sufficient anymore. A novel and more holistic approach is needed for the protection of mission critical systems and facilities. 

The American Department of Homeland Security identifies five major pillars of managing cyber security risks:

  • Risk identification
  • Vulnerability reduction
  • Threat reduction
  • Consequence mitigation
  • Enable cyber security outcome

To secure mission critical elements effectively, cyber security solutions should include three elements:

Hardening: End to End or ‘cyber hardening’, by using best security practices and inherent cyber security controls within various network elements, processes, operating systems, and software.

Monitoring: Elements within the mission critical system and facility should be monitored to identify and report on operational and network-related anomalies which may indicate an impending or on-going cyber-attack.

Intelligence: Cyber threat intelligence capabilities should augment physical security to identify potential future cyber-attacks of the mission critical system or facility.

It is critical that all organisations establish a cybersecurity plan that combines what works today, with novel and progressive steps to address future attacks.

Take your business connectivity guide to find the perfect solution for your business!

Share on email
Share on facebook
Share on twitter
Share on linkedin
Share on pinterest