No favourites here: What makes up the art of cybersecurity warfare

08 May 17

Regardless of where people live or what they do, the risk of falling victim to a cyber security attack is always present. According to a report by the Australian Cyber Security Centre, 90 percent of major Australian businesses and government agencies have been targets of industrial espionage, hacking or security breaches in the past year. At least 60 percent of organisations surveyed experienced tangible impacts on their business due to attempted or successful compromises, despite rating the incidents as relatively low in severity.

Make no mistake, the cyber security war does not play favourites and no one is safe. The only way to combat the threats is by assessing what has happened in the past and planning for the future. In the end, it is a constant foot race to stay one step ahead of the hackers. To do this, it is important to embrace the positives, learn from the negatives, and plan for what the future holds.

What we did right

Cybersecurity teams leveraged new technology and procedural improvements to gain important ground throughout the past year. The hospitality and retail industries, which suffered last year from point-of-sale (POS) malware, will be happy to know that as a result of heightened security measures the risk has dropped significantly. According to the 2017 SonicWall Annual Threat Report, the number of new POS malware variants decreased by 88 percent since 2015 and 93 percent since 2014.

Another positive was the disappearance of major exploit kits Angler, Nuclear and Neutrino after cybersecurity investigations exposed the likely authors, leading to a series of arrests by local and international law enforcement agencies. In the absence of large exploit kits, some smaller kits are trying to fill the void, and by the third quarter of 2016 runner-up Rig had evolved into three versions employing a variety of obfuscation techniques. However, the decrease in dominant exploit kit families experienced earlier in 2016 is a great win for the cyber security industry.

What we did wrong

Unfortunately, cyber criminals made extreme advances in the deployment of ransomware. The 2017 SonicWall Annual Threat Report shows that ransomware attacks grew 167 times since 2015, from 3.8 million in 2015 to 638 million in 2016. The reason for this increase was likely a perfect storm of factors, including the rise of ransomware-as-a-service (RaaS) and mainstream access to Bitcoin.

Another possibility for the rise in ransomware is that cyber security professionals were cutting off other avenues for cyber criminals to make money, and so, in desperate times, criminals turned to ransomware.

In October 2016, people who used the likes of Reddit, Netflix, Twitter or Spotify experienced another of the top threat trends. Mirai, a botnet that affected IoT devices, was leveraged to mount multiple record-setting distributed denial-of-service (DDoS) attacks. The root cause leading to the Mirai attacks was unquestionably the lax security standards rampant in IoT device manufacturing today. Specifically, these devices do not prompt their owners to change their passwords, which makes them uncommonly vulnerable.

The next step

As with any arms race, advances made by the good guys are often offset by advances made by the bad guys. This is why it’s critical for companies not to become complacent, to remain alert to new threats and to learn how to counterattack.

It’s worth noting that the technology already exists today to solve many of the new challenges cyber criminals threw at victims in 2017. For any type of new advanced threat like ransomware, it’s important to understand that traditional sandboxing solutions will only detect potential threats, but not prevent them.

In order to prevent potential breaches, any network sandbox should block traffic until it reaches a verdict before it passes potential malware through to its intended target. It is imperative to understand that as cyber security professionals find solutions, a cyber criminal will always be up to the challenge of creating the next cyber threat.

To your battle stations

Education is a key first step toward preventing cyber attacks. As discussed earlier, it is not a matter of if but when you get targeted. It is important for businesses to take the time to train every team member of the organisation on security best practices for email and online usage.

Implement the technology needed to protect the network. And most importantly, stay up-to-date on the latest threats and cyber security innovations shaping the landscape. It’s important to remember the good, learn from the bad and plan for the future.

Article by Scott McCrady, vice president APJ, SonicWall.
