2017 was a tough year, and 2018 has also been one with its own tales of cybersecurity. In the remaining part of 2018 and the rest of 2019, we are going to see more data breaches from sophisticated hackers. Security teams will have to adapt to keep up with the cybercriminals. We are going to look at four lessons that we can use to improve our cybersecurity status.
Spam is dangerous
More than half of all emails sent are spam. IBM also estimates that spam emails sent with malicious attachments are 4 times more than the emails sent in 2008. This statistic suggests that spam is the primary vehicle for most ransomware and malware.
In the traditional setup, domains that were registered within a 24-hour period were trusted by email gateways. This year, lots of domains were created with the same names as government bodies and banks to spread malicious emails.
In 2017, the biggest lesson about spam was that it is not a product made by solo hackers in a basement. It is a profitable business that is growing. To stay ahead of this threat, you need to review the defenses of your network and adapt as phishing trends change. There also needs to be user education, because every spam email needs the co-operation of a user to become a threat.
The “dual factor” nature
Every day, hackers are finding new ways to obtain passwords. Phishing, brute force, keyloggers, and manual guessing are some of the techniques being used. Although tools and controls exist to prevent this, it is getting tougher by the day to guarantee that passwords stay secret.
How can people mitigate this threat? Multi-factor authentication is the answer. When you use 2FA across your desktops and internet apps, make it mandatory on all your devices. This technique aims to make a password useless on its own when hackers get hold of it.
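The effect described above, as an added example that is not from the original article: a login check that requires a time-based one-time code (TOTP, RFC 6238) in addition to the password, so a stolen password alone is rejected. The account record, password, salt and shared secret are constructed sample values, and the function names are illustrative.

```python
import hashlib
import hmac
import struct
import time

# Constructed demo account: sample password and salt, RFC 6238 test secret.
SALT = b"constructed-salt"
ACCOUNT = {
    "pw_hash": hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000),
    "totp_secret": b"12345678901234567890",
    "last_step": -1,  # highest time step already accepted (replay guard)
}

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, now: float, step: int = 30) -> str:
    """RFC 6238 TOTP: HOTP keyed on the current 30-second time step."""
    return hotp(secret, int(now) // step)

def login(account: dict, password: str, code: str, now=None, window: int = 1) -> bool:
    """Accept only if BOTH the password and a fresh, unused TOTP code match."""
    now = time.time() if now is None else now
    pw = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    pw_ok = hmac.compare_digest(pw, account["pw_hash"])
    current = int(now) // 30
    matched = None
    # Tolerate +/- `window` steps of clock drift; never re-accept a used step.
    for step in range(max(0, current - window), current + window + 1):
        expected = hotp(account["totp_secret"], step).encode()
        if step > account["last_step"] and hmac.compare_digest(expected, code.encode()):
            matched = step
    if pw_ok and matched is not None:
        account["last_step"] = matched  # burn the step so the code cannot be replayed
        return True
    return False
```

The replay guard matters as much as the code check: a one-time code captured by a phishing page is still valid for its time step unless the server records that the step has been used.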
Make patches quickly
Patching is not easy. When you have a list of endpoints (PCs, a web application scanner, laptops, etc.) located in an estate or office building, with a network to reach all the endpoints, it is not easy to deploy the patches even while using the right tools. The vulnerability-to-exploit period has been growing smaller by the day. It used to be measured in months or years, which gave security personnel time to plan. The gap has now closed to hours and days.
The highly publicized NotPetya and WannaCry attacks in May 2017 exacted a huge price. The WannaCry ransomware alone was estimated to cost $5 billion. As a company, what you need to do is select a tool that deploys patches for Microsoft and other third-party apps, and ensure that you have enough resources to complete the process.
Back up your data
Even if you secure your system from external attacks, your data can get corrupted. So, it is important to have a strong backup and recovery strategy. As the Sony incident indicated, it can be very hard for a criminal to compromise backups of data.