There’s every indication that the pandemic is changing the nature of cybersecurity. Online threats are evolving to match our new remote-work paradigm, with 91% of businesses reporting an increase in cyberattacks during the coronavirus outbreak.
Hackers are getting more and more sophisticated and targeted in their attacks. Many of these cyber threats have been around for a while, but they are becoming harder for the average user to detect. Beware of these four common types of cyber threats – and learn what you can do to prevent them.
Phishing takes place when a hacker tricks an individual into handing over information or exposing sensitive data using a link (with hidden malware) or a false email. These types of security threats are quite common, but in recent months they are becoming even more advanced.
Microsoft’s recent survey of business leaders in four countries found that phishing threats are currently the biggest risk to security. Since March, 90% of those polled said that phishing attacks have impacted their organization, and 28% admitted that attackers had successfully phished their users. Recently, phishing emails have targeted enterprises to capture personal data and financial information using one of the following tactics:
Posing as a provider of information about COVID-19 vaccines, PPE, and other health and sanitation supplies
Creating false “portals” for business owners to apply for government assistance and stimulus funds during the economic shutdown
Using download links for platforms and tools that help remote teams communicate, such as video conferencing
Posing as “critical update” downloads for enterprise collaboration solutions, such as Microsoft OneDrive, and social media applications
Targeting IT service providers that ask for payment in order to provide tech support.
Phishing is so effective because it can be very hard to recognize and targets individual people, rather than IT vulnerabilities. Yet, they are still ways to lower your risk of phishing.
How to prevent phishing: The best chance to prevent phishing attacks is to educate your teams on what to look for in a phishing message. Poor spelling and grammar, as well as an email address that doesn’t match the user, are telling signs of a phishing message. If an offer seems too good to be true, it is a good sign you’re being scammed. In addition to user education, you can add multi-factor authentication and other interventions to stop phishing messages from getting through. “Spam filters with sandboxing and DNS filtering are also essential security layers because they keep malicious emails from entering the network, and protect the user if they fall for the phishing attempt and end up clicking on a malicious hyperlink,” said one security expert told ZDNet.
Ransomware is a type of security threat that encrypts a victim’s files so they can’t access their information. The hacker then asks for a ransom – usually payment – to restore access and decrypt the user’s data.
Perhaps the most notorious recent example of a ransomware attack is that of Garmin. In July, Garmin – a navigation and fitness wearables company – was hit by a ransomware attack that downed service for virtually every Garmin customer. “Hackers deployed the ransomware tool WastedLocker, which encrypts key data on a company’s digital infrastructure,” reported Cyber Security Hub. “In the case of Garmin, website functions, customer support, and user applications were all affected. Unlike typical ransomware software, WastedLocker does not steal identifying information and hold it for ransom. Instead, it renders programs useless until decrypted.” Garmin reportedly paid $10 million for the decryption key to resume services after four days of outages.
Garmin isn’t alone, however. There’s been a seven-fold increase in ransomware attacks this year targeting companies of all sizes. So, what can your organization do to protect itself?
How to prevent ransomware: First and foremost, it’s important to make sure your security protocols are kept airtight – and apply security patches as quickly as possible to prevent hackers from exploiting vulnerabilities. A tool like Nightfall can make it easier to maintain a strong defense, with AI monitoring your network for any issues. Multi-factor authentication can also prevent hackers from getting too far into your system. And, you should regularly back up your system so if a ransomware attack does happen, you’ll be able to recover some data.
A password-based cyberattack is one that targets users who have the same password for multiple sites. Research from the World Economic Forum found that 4 out of 5 global data breaches are caused by weak/stolen passwords.
There are several different ways a hacker can infiltrate your system using a password-based cyberattack. The most common method is known as a brute force attack. This attack uses a computer program to try to login to a user’s account by trying all possible password combinations, starting with the most common and easiest to guess options – for instance, “1234” or “abcde”. Sensitive data like passwords, credentials and secrets are in constant danger of exposure, especially as more companies conduct the majority of their business in the cloud. The highly collaborative and always-on nature of cloud services make it hard to enforce good password practices. Therefore, organizations need data loss prevention (DLP) to secure essential data from being exposed.
How to prevent a password-based attack: make it easy for users and security teams alike to circumvent the risk of password attacks by implementing password-free authentication methods. This is a type of authentication that requires a user to confirm their identity during the login process through a separate channel. This extra step can also protect your workspace in case there’s any account compromised or if a device gets stolen.
The internet of things makes life a lot easier – and also more open to bad actors. Connected devices are an increasingly popular target for cyber threats. In 2019, cyberattacks on IoT devices increased by 300%, according to one report. This includes attacks on everything from laptops and webcams to smart homes (like Google Nest), smart watches, routers, and other home appliances.
Our personal devices aren’t the only things that are vulnerable. The Software Engineering Institute of Carnegie Mellon University reported, “As more devices are connected to hospital and clinic networks, patient data and information will be increasingly vulnerable. Even more concerning is the risk of remote compromise of a device directly connected to a patient. An attacker could theoretically increase or decrease dosages, send electrical signals to a patient or disable vital sign monitoring.” Healthcare providers must also contend with protecting patient data. As many healthcare providers shift to remote work, they become an attractive target for hackers. Protected health information (PHI) must be kept safe during all cloud-based activities – yet many SaaS providers, including Slack, are not HIPAA-compliant right out of the box.
How to prevent IoT attacks: IoT attacks are sophisticated, and the best ways to protect your devices are to use strong passwords and keep your software up to date. Experts also suggest keeping your devices unlinked from social media. Along with protecting your devices, look for a DLP partner who can protect your patient data while working on SaaS and IaaS platforms. Check out our coverage of instituting and maintaining HIPAA compliance on Slack and schedule a meeting below to learn more about how tools like Nightfall DLP play a role in keeping PHI safe.
Many businesses that have allowed employees to continue working from home for the foreseeable future are aware that they need to update their cybersecurity. It’s likely that they have allocated some budget and IT resources to make those necessary changes. However, IT budgets are finite. Given the economic disruption of the pandemic, enterprises must strategically decide where to invest their cybersecurity budget most effectively.
There are many different approaches to cybersecurity, and the way your business previously protected data may no longer work in a remote-work paradigm. Here’s how to understand how working from home impacts your data security – as well as some steps to take to make sure you are prioritizing the right things.
Types of cybersecurity
Cybersecurity can be broken out into categories based on what you wish to protect. Cybersecurity practices are commonly classified into one of these five areas:
Network or perimeter security: protection for your network traffic by controlling incoming and outgoing connections. This prevents hackers and malware from entering and spreading throughout a network.
Data security or data loss prevention (DLP): protection for your data by enforcing strict protocols and safety measures on the location, classification and monitoring of data (both stored data and data as it is used).
Cloud security: protection for data used in cloud-based services and applications.
Device security: protection for on-premises devices such as computers and servers.
Application security: protection for your apps from attacks with testing, app shielding strategies, and more.
There are many subcategories within these broad cybersecurity distinctions, but IT professionals tend to focus on these areas.
All these types of cybersecurity are important. When offices are working business as usual, most IT professionals tend to prioritize network security first; devices, applications, and data sharing are all linked through the same network, so protecting the perimeter makes sense.
As more people work remotely, however, investing in network security makes less sense. Data protection and cloud security are more important as our online needs are rapidly changing. With limited investment available, how should you prioritize your cybersecurity?
As one expert reported in Forbes, “To protect customers, employees, and reputations while ensuring compliance with evolving regulations, companies should shift their security strategies from an outdated reliance primarily on ‘perimeter protection’ to a companywide approach based on ‘secure data access.’”
As our online behavior changes, the threats evolve too. Cloud services, for instance, are becoming a new target for hackers. McAfee found that remote attacks on cloud services and collaboration tools, like Slack, increased 630% during the first four months of 2020. Employees are using their own devices and their own networks, so shifting your cybersecurity to focus on cloud security is a good first step to protecting data outside the office firewall.
Data loss prevention, DLP, is another key area for IT professionals. Your enterprise must prioritize building a strategy that prevents unauthorized access to and use of data. There are three key areas here to consider:
Data discovery: measures to identify PII and other sensitive data as it is collected and used across your organization.
Data transformation: measures to secure data by masking or anonymizing PII so only those in the company who need access to data have it.
Data access: granular controls that ensure the right people can access specific data or data formats – role-based and attribute-based measures.
In the immediate term, IT professionals need to ramp up cloud security and data security to accommodate remote employees. Here’s how to do it.
One of the easiest ways to improve your data security is by educating your employees. This effort takes time, but very little financial investment.
Teach your team ways they can improve their at-home security practices. Nightfall found that lax email policies contribute to a huge amount of data theft. Poor password hygiene for email accounts – like using “password1234” or another easily guessable code – is a big mistake that many people are (still) making. Companies are also not utilizing multi-factor authentication when signing into accounts. Lack of employee training and clear WFH security policies are further contributing factors to the increase in data theft via email.
Next, address changes to your network security by providing tools for employees to safeguard their personal devices. One study by Security Magazine discovered that 56% of employees are using their personal computers to work remotely in response to COVID-19. Moreover, nearly 25% of employees working from home don’t know what security protocols are in place on their device. IT teams should perform one-on-one audits with each remote worker to assess what security measures are in place and provide the tools and feedback needed to improve the cybersecurity of at-home networks and devices.
Lastly, add an automated DLP solution like Nightfall to dramatically improve your data security.
Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack & GitHub as well as IaaS platforms like AWS. You can schedule a demo with us below to see the Nightfall platform in action.
“This article is originally posted on Nightfall.ai”
CNERIS is a company formed by young entrepreneurs from different sectors of the world of information. Our team consists of programmers, system administrators, graphic designers.