Cyber Threats are Evolving, So Too Must our Security Consciousness
Cybersecurity accurately reflects how we use technology in general, and a number of things have changed in recent years. Consider, for example, the devices we connect from, such as smartphones. While they’ve been around ever since the launch of the first iPhone, they’ve now come into their own as business enablement and productivity tools instead of just a means to check email on the go. There are now apps for ERP solutions on the Apple Watch, and even the identity solutions that Help AG offers have apps that are custom built for this device. The availability of such business applications on consumer devices is an indicator of the diminishing boundaries between the consumer and business worlds.
Simultaneously, behind the scenes, there have been dramatic changes to how we deliver technology. We have the cloud, which represents a paradigm shift, and IoT, on which both consumers and businesses now rely to be more agile and smart.
The Changing Threat Landscape
In line with these changes in the way we utilize technology, the cyber threat landscape has also been evolving rapidly. We now see attackers focusing more and more on four threat vectors:
- those that exploit user behaviour
- those that attack the endpoint
- those that target the end user’s identity
- and then there are all of those smart IoT devices, which may be smart, but maybe not so secure
This results from the fact that as we move to the cloud, attackers need to find new ways to get to the data. Today, cloud vendors understand that in order to be successful with their solutions, they need robust security on their platforms, especially when we are dealing with the A-brand vendors. Therefore it is no longer the service but the user that represents the weakest link in the security chain, and attackers have been quick to leverage phishing and social engineering attacks to exploit user behaviour.
As Professor Edward Felten from Princeton University states:
“Given a choice between dancing pigs and security, users will pick dancing pigs every time”
Today we already know that attackers have shifted their attacks to the endpoint and the user identity, and as security professionals, we need to react to this. End users are still accustomed to having full privileges on their devices and expect to be able to operate these without any restrictions, for example, being able to download files, install software or execute unsigned macros in a word processing application, which can lead to fileless attacks.
For IT teams, such end user expectations present a big security challenge. The new focus of attackers means protecting endpoints (laptops, tablets, smartphones) is now a top priority.
We also see a new generation of attacks such as Meltdown focusing on hardware subsystems, meaning the processors, memory and circuit boards that power computer systems. This is particularly troubling as these vulnerabilities are significantly harder to patch. Another concern is that such patches can come with a substantial impact on performance and costs; for example, Meltdown patches impacted the performance of AWS servers by 25%.
We also see attackers going after user credentials, as this is where they can really achieve a ‘return on investment’, so to speak. With stolen credentials, they can gain access to systems and networks with all of the user’s privileges, thereby opening up a treasure trove of data and the possibility of launching wide-scale attacks into the network.
It’s Time to be Proactive
All these changes in attack methods imply that governments, organizations and individuals will have to adapt as cyber threats evolve and attackers continue to find new and creative ways to execute their attacks. We must acknowledge our digital dependence, and as we embrace more technology, we must also accept the security implications and responsibilities it entails.
This means keeping up to date with the latest cyber threats by regularly following trusted sources on cyber security, such as our biweekly threat advisory. We must also be conscious of our online activities and pay careful attention to the links we click, the attachments we open and the files we download. Understanding that the onus for protecting our data, identities and the myriad of digital services on which we depend is upon us, we must make a concerted effort to make security best practices a part of our everyday lives.