Just when your IT team thought they had a handle on threats like phishing attacks and ransomware, a whole new class of cybersecurity risks has emerged. As 2019 gets underway, cybersecurity experts including those interviewed by Security Magazine warn that midsize businesses face a rash of emerging cybersecurity threats that are beyond what they’ve dealt with in the past and that new strategies may be required. From cryptojacking to attack loops, here’s how to prepare your organization for the future of cybersecurity threats.
1. Social Engineering Becomes More Sophisticated
Social engineering—when a criminal uses information they gather online to impersonate another person or more accurately target their threat to a specific victim—is becoming an increasingly common as part of cyberattacks. In some cases, reputable-looking social accounts are being used to impersonate brands to executives, who are then extorted to avoid a scandal being launched. Often, the scandal threat is based on information that’s made up, but could still result in brand damage. In some cases, as reported by CSO Online, networks like LinkedIn are being used for social engineering campaigns targeting government information. In online interactions, it’s important to be wary, safeguard your information and verify any troubling requests, including those that may be out of character for a particular person.
- Educate employees on what to look for to identify a social engineering attack.
- Evaluate what information is being shared online, via social media and other channels, and if it could be used against your organization.
- Avoid social media channels as a platform for double authentication to limit the ties from social accounts to core company systems.
- Put policies in place concerning how information can be shared or what approvals need to be in place for a transaction, such as a gift card purchase, to be processed. These can help safeguard against a difficult situation if an employee falls for a scheme.
2. Ransomware Scales Up with Ransomware-as-a-Service
A company is hit with a ransomware attack every 40 seconds, according to United States Cybersecurity Magazine. The publication also reports that ransomware attacks will cost businesses $11.5 billion by the end of 2019. Ransomware threats have taken significant amounts of time for IT departments to manage, and a convergence of resources has helped mitigate their threats to a degree. First, companies got serious about backup and Disaster-Recovery-as-a-Service, so they were never at a hacker’s mercy. At the same time, new tools emerged to thwart the threat, and it became difficult for ransomware instigators to make large profits.
Yet ransomware attacks, when they are successful, cost companies dearly. According to The Ponemon Institute, 32% of companies that get hit with a ransomware attack will lose a client as a result. While ransomware attacks are changing, they’re also scaling up. Today’s hackers now have access to software tools that allow them to mass produce ransomware with Ransomware-as-a-Service solutions.
One McKinsey analyst captures it perfectly: “For as little as $150, anybody can go buy code that is very effective at hacking. Effectively, this has commoditized the market for attack software, which is the armament of hacking.”
Midsize firms can protect against incoming ransomware threats in several ways:
- Continue to invest in anti-ransomware education for your employees.
- Run test security drills to find weak links and learn where more technology and training can be reinforced for better results.
- Leverage cybersecurity tools that protect against ransomware, and choose solutions that stay on the cutting edge. Comply with their updates and always keep your solution secure.
- Have a Disaster-Recovery-as-a-Service plan in place in case your network, information or devices are compromised by high-scale threats.
3. Cryptojacking Takes CPU Power
As security tools have gotten better and users more savvy about how to evade ransomware, a new threat is taking place. Cryptojacking uses a malware file to steal some of the computing capacity of the devices it infects. Those devices are then used to “mine” for cryptocurrency. Often, these attacks go undetected for weeks or months, since the only sign they’re occurring may be a slowdown in the device’s performance. One source reports that incidents of cryptojacking are up 8,500%. Detect and prevent cryptojacking at your midsize business by taking the following steps:
- Educate yourself and your team about cryptojacking. Put a plan in place to monitor this trend, as it’s still in its infancy, according to a report by CSO Online.
- Encourage employees who notice slowdowns or other signs to check in with IT. Ensure your help desk knows how to respond to potential cryptojacking threats.
- Use cybersecurity tools that have anti-cryptojacking capabilities.
- Use ad blocking extensions for web browsers.
- Deploy a network-monitoring solution that can further assess whether you’ve been targeted and help eliminate and isolate any threats.
4. Could Your Backup Be at Risk?
Your backup system used to be a safe refuge in a world of constant cybersecurity threats. As long as you have multiple backups, your information is protected even if the worst of an attack occurs—right? While that may have been true in the past, new ransomware that targets backups is further complicating security planning, data management and incident recovery.
New ransomware variants are increasingly targeting backups, reports TechTarget. Here’s what happens. Let’s say that your data is compromised in an attack. You eliminate the threat, and then go to restore from your backup. At that point, you discover malware has corrupted your backup and an unstoppable attack loop has been initiated. Preventing these backup attacks requires several types of planning:
- Have robust backup strategies that include duplication and multiple copies of information saved onsite, offsite and in the cloud.
- Scan your backups regularly to detect any threats.
- Look at developing processes that make it harder to initiate a backup attack, such as using naming variants that are harder to predict.
Having a strong cybersecurity plan in place is important, but it’s not enough. Today’s midsize business and IT leadership need to stay abreast of the latest threats and have processes and technology platforms in place to repel threats. Managed cybersecurity solutions can help ensure that you’re protected, and Disaster-Recovery-as-a-Solution services can develop customized strategies to get you back online as quickly as possible.