With the start of National Cyber Security Awareness Month (NCSAM) this week, there is no better time to visit how the threat landscape has changed and how organizations are defending against these threats.
The evolution of the cyber attacker’s motivation
In a totally connected world, organizations are more exposed to attackers / hackers than ever before. The number of entry points into an organization’s environment has dramatically increased due to cloud, mobile and social adoption, offering attackers multiple avenues to compromise critical assets or disrupt operations.
On top of that, attackers have become more sophisticated and targeted to achieve their objectives of compromising an organization’s Intellectual Property (IP). If we rewind back to the early days of cyber-crime, attackers were mainly script kiddies or college kids looking for attention or bragging rights to tell their peers that they have hacked into an organization’s IT environment. But the today’s attacker has evolved – criminals, nation states, and hacktivists comprise the modern day cyber criminal. Their motivations have changed to IP theft, sell Personally Identifiable Information (PII) for profit or damage / destruction to a company or nation.
Defending against the techniques of the modern cyber attacker
Advanced Persistent Threat (APT) is the ability of an attacker to use covert channels consistently to target a specific entity. The ability of an attacker to slowly compromise an organizations by staying hidden and mimicking normal user behavior makes it more difficult than ever for organizations to detect and investigate.
Against this backdrop of increased attack surfaces, sophisticated attackers, and targeted attacks, organizations need to take a multi-pronged approach to defend themselves against cyber-crime. Investments need to be made in bolstering the perimeter of the organization to keep the attackers out and at the same time investments need to be made to detect and respond to threats if the attackers have gotten past the perimeter. Traditionally, organizations have invested in perimeter based solutions to keep the attackers out, but attackers bypass these security controls. To combat this, organizations should have invest equally in building the defense perimeter, detecting a threat, and responding immediately.
Let’s shift the conversation a bit and create awareness for your organization on a common exploit called Ransomware. Ransomware is the ability of an attacker to gain access to an organization’s sensitive data, encrypt it, hold the data hostage, and then lock the users and organizations from accessing this data. The attacker will propose a “fee” or “ransom” to release the data. Ransomware is a common exploit that targets companies in the healthcare verticals, locking out patient records, and preventing the healthcare provider from providing services to their patients.
We at SoftwareONE encourage all our customers and partners to create awareness in your organizations about the risk of cyber-crime. It is not a matter of “if your organization will be compromised” but rather “when your organization will be compromised”. After all, we are in a connected world and everything is fair game for attackers. The more your employees are #CyberAware, the safer your organization is from attackers compromising your organization.