Even the best security isn’t a failsafe against determined hackers. Let’s take a look at the top threats and vulnerabilities you might face in 2017.
Holding digital resources for ransom can be highly effective for hackers, especially if those resources are desperately needed in places like hospitals and banks.
According to an Osterman Research survey, ransomware affected 39 percent of organizations in the 12 months before the survey. The ransomware was most likely to enter an organization via desktop, and through phishing with email links and attachments.
Further, C-suite members were targeted more often than lower-level employees. However, it’s important to note that many survey participants weren’t certain of the entry point.
Because they are so dependent on their data, healthcare and financial services organizations are vulnerable and thus prime targets. The hackers gamble that these organizations won’t have detection technology or backups of the necessary data and will have no choice but to pay up quickly.
Interestingly, while U.S. organizations consider ransomware a high security priority (59 percent), only about 25 percent actually implement ransomware training or training that goes beyond the very basics, which suggests continued vulnerability (see the Osterman Research graph below).
Verizon also addressed ransomware in its 2016 Data Breach Investigations Report. As the second most common type of crimeware attack, ransomware had the largest increase in Verizon’s data, and the company plans to continue tracking its impact.
According to Wired, ransomware is going to be one of the top security threats of 2017. With that in mind, let’s check out some protective suggestions from Carbonite:
- Be very careful with email links and attachments. Hackers use phishing techniques to make emails look like they come from trusted sources, and then include malicious links and attachments to spread ransomware.
- Ensure digital security is up to date and communicate security policies to employees. Even the most diligent security vendors and employees aren’t invulnerable, so make ransomware threats a part of regular conversation.
- Back up your most important files to safeguard against losses from ransomware attacks. Consider automatic backup systems that can also be rolled back to specific dates.
Increased attention will be paid to ransomware, though the focus should be on preventing it from taking hold in the first place. A zero-trust architecture for critical applications needs to be the norm as these hacking attempts continue to cause havoc.
We talk a lot about generic credential theft and hijacking, but very little about Active Directory (AD) as an industry. Because so many organizations use this source of authentication and authorization, hackers know it’s vulnerable in 2017.
An AD breach can impact an entire enterprise, although many organizations don’t realize this. Criminals rely on human error, highly specialized tools and weak security to gain access to numerous business applications.
In a white paper on AD security, Quest delves into the concept of using both on-premises and cloud AD.
The issue is, while the cloud security might be top notch, the cloud data is still subject to the on-premises security, as the two storage solutions are synched. Additionally, access is often granted to employees who don’t really need it (54 percent), further degrading the security.
Why isn’t AD security top priority for more organizations? In our own ebook on the topic, we explore how AD is the largest security risk, and try to answer that question. In part, it’s because AD is seen as a utility and not a business growth driver. Further, there’s a lack of awareness, and no single owner or audit to answer to.
Our suggestion is to adopt a modern architecture with:
- Active Directory hygiene
- A secure administrative environment
- A way to protect domain controllers
- An isolated admin forest
The need for increased security and analytics around Active Directory will be a highlight as more breaches occur due to golden ticket exploits, pass-the-hash or Kerberos manipulation.
In its 2017 Threats Predictions report, McAfee Labs offered the following predictions on cloud threats:
- As trust in the cloud increases, more sensitive data and processing will be there. Soon to follow will be increased hacking interest.
- Organizations will cautiously keep some data out of the cloud and within their own networks. Ironically, the public cloud probably has better security.
- Outdated authentication methods will be the weakest link in security. Keep a close eye on administrator accounts.
- In addition to the traditional north-south attack pattern, hackers will use an east-west pattern, moving between services and organizations.
- Cloud data breaches will be few in number but big in impact. This is due to the huge data stores they will access.
- The expansion of the Internet of Things means its security fabric will be more and more stretched. More connected devices mean more spots of vulnerability.
As more companies move to the cloud, the vulnerabilities of those properties become increasingly important. The ability for a hacker to infiltrate a cloud organization and have an impact on multiple organizations is a viable threat. Companies must choose whether or not to build secure private clouds for critical infrastructures, or explore a hybrid approach.
For more on the evolution of the private cloud, and how its security differs from that of the public cloud, check out our predictions for the coming year.
This is by no means an exhaustive list, and we have yet to see if these predictions will come true. Still, ransomware, Active Directory and the cloud are great places to start focusing security efforts in 2017.