Phishing Tackle explores the largest threats posed to your IT framework and what you can do to reduce your cyber threat surface.
As advances are made in leaps and bounds by security hardware and software manufacturers, so the same advances are made by social engineers and other malicious actors.
As organisations clamour to stay ahead (or at least keep up with) these changes, we feel it prudent to explore the top 5 threats to your IT framework as they exist in 2020.
1 – Phishing Attacks
Phishing attacks dominated the headlines of 2019 as thousands of organisations fell victim to the ever increasingly popular email-borne attacks of social engineers.
Successful attacks give malicious actors a gateway into the organisation’s network, in many cases the consequences of which remain unknown for some time. Phishers use this attack vector to harvest credentials, steal sensitive documents, install malware/ransomware and cause havoc for the victim organisation.
As no security hardware/software can block 100% of phishing attacks, the entire security of your organisation rests on the users’ ability to spot phishing emails when they arrive.
Without regular Security Awareness Training and simulated phishing exercises, a user’s ability to spot these emails diminishes and the organisations cyber threat surface grows.
We created a free tool which reveals how many of your users are susceptible to clicking on a phishing email, you can find it here: Free Click-Prone® Test.
2 – Ransomware
Locking and encrypting files, machines and entire networks then demanding ransom payment for the safe return and decryption of the aforementioned is the modus operandi of a ransomware attack.
The exact implementation varies between attacks, with a recent trend of exporting sensitive files offsite then threatening the target organisation with the release of those files to the public or competitors in order to speed up ransom payments.
The threat from successful ransomware attacks is highly correlated with the threat from phishing attacks. This is because malicious actors use phishing attacks as the primary delivery method for many strains of ransomware.
Having users adequately educated on the dangers of attachments, links and suspicious emails is equally as important as installing and maintaining effective antivirus suites in the fight against ransomware.
3 – Web Applications
During their last Global Security Report, internet security experts Trustwave found that 100% of the tested web applications posed at least one security vulnerability. Not only has this figure remained at 100% for the second year running, but the median number of vulnerabilities has risen from 11 to 15 in the last two years, a 36% increase.
Such is the way of the internet that users are often prompted to download apps, extensions and plugins without any form of IT consultation. Cultures like this create innumerable entry points for hackers and significantly reduce organisations’ cyber awareness.
An open and strong communication channel between user and IT team, allowing easy requirement requests from the user and application vetting from the IT team, is a powerful form of risk mitigation towards these entry points.
The ability for IT teams to authorise and authenticate users to their applications via a cloud-based Identity and Access Management (IAM) suite is also a powerful tool in reducing cyber risk.
4 – Out of date/unpatched hardware and software
The busy nature of IT staff often allows the priority of software and hardware patching to take second place to more pressing and immediate matters. Such practises allow vulnerabilities to exist almost indefinitely.
The necessity of cross-platform communication and the additional software testing strain that patching procedures place on IT staff to ensure smooth operation places it low on the to-do list.
Pleasantries and ease of deployment aside, software/hardware patching is essential to the ongoing security of an organisation. Regular and routine patching ensures the fewest vulnerabilities are left open and gives hackers a significantly smaller attack surface to work with.
The advent and proliferation of cloud-based hardware management has allowed the streamlining of this process, lessening the load on internal IT teams and security staff.
5 – Theft, the old fashioned way
Though physical theft has given centre stage to its digital counterparts listed above, it is still a routine and destructive occurrence.
As technology becomes faster, cooler, quieter and more portable, so does the necessity for strict data control measures become much higher.
The cost of storage and speed of transfer has many users taking work with them wherever they go in the internal storage of portable devices, phones laptops, tablets, USB drives etc.
These devices are very easy to misplace which can have utterly devastating consequences if they land in the wrong hands.
Solid protocols for reporting missing/stolen devices, along with the enforcement of multi-factor authentication and device encryption will help keep this threat surface as small as possible.
In all cases above, the most important factor in the security of your organisation is the user, specifically the knowledge and understanding they have of each attack vector.
Proper education of users is vital to maintaining a security-first culture within your organisation. Your users are always the first and last line of defence. It is imperative they know this and have the knowledge required to handle the responsibility entailed.