Cyber Attacks: What You Need to Know and Do

Posted by Patrick Parker on Fri, Oct 25, 2019

photo-1510915228340-29c85a43dcfe

Unsurprisingly, Verizon’s 2019 Data Breach Investigations Report doesn’t make for comfortable reading.

In 2018:

  • 43% of security breaches involved small businesses
  • 52% involved hacking (69% of the attacks proved to be the work of outsiders)
  • 33% were through social media
  • 28% involved malware.

(Verizon, 2019)

What’s also important to note is that C-level executives were 12 times more likely to be the target of a social engineering incident and nine times more likely to be the target in a breach caused by social engineering. Given this much higher target rate, it’s clear that modern cybercrime organizations are deducing that there’s higher value in a more targeted, high level attack (Barth, 2019).

Unfortunately, for many businesses, and despite the increased risks and chances of hacking, they are still using outdated methods and approaches. What’s worse is that some are even following the same approach to cyber security today as they were a decade or so ago.

As we mention in our Anatomy of a Cyber Attack white paper, that’s simply not going to work in today’s business theater. So much so that

Businesses Should Assume They Have Already Been Hacked and Are Currently Under-Siege

Seriously, that is the best, easiest, and most practical way to look at your security efforts to date.

Suffice it to say that, if information security is something you’ve been lackadaisical with up to now, today’s the day… [you need to change that]. You need to get wise to what’s happening. Before it’s too late.

Yes, there is a lot of information out there (much of it false), and though not having enough information can be fatal, the opposite is also true.  Either one can lead to 3 critical issues:

  • ineffective planning
  • insufficient mitigation of risks
  • inability to recover quickly following a breach.

With that last point, above, you don’t need us to tell you how important your customers are to your business.

In terms of numbers, Bryan Littlefield, CISO of Aviva, said that following a customer data breach, research suggests that of those customers who are thinking of cancelling their account with you, 50% of them actually will (Out-law News, 2015).

That long-standing relationship you’ve been building… destroyed.

That trust level you hold so dear to your heart and have painstakingly nurtured… gone, In an instant.

Cyber Security is Not Something That Only Others Do

Moreover, the days where security was considered to be extraneous or a separate arm of the business are long gone. Indeed, security must work as a  “…flexible and smart strategic asset that constantly delivers to the businesses, and impacts the bottom line.” (Sartin as quoted in Guta, 2019)

We do have more information on cyber-attacks (and you can download our paper at the bottom of this page), but for now we advise you to take this approach:

  1. Assume you’re already under-siege. You need to fight back.
  2. Work inside out. Adopt a defensive posture, start from the core, and ‘clear and secure your lines’, all the way to the external perimeter of your organization.
  3. All the while, rethinking your security approach and how you’re going to make it as hard as possible for the hacker/attacker in the future.

That’s what you need to do.

Naturally, you’re here on our webpage, on our site, so we’re going to offer advice on what works for us (‘us’ being our clients, customers, and partners) and what we ourselves recommend.

Identity Access Management and Zero Trust

We recommend Identity Access Management. In particular, what we call Zero Trust.

Zero Trust follows the 3 fundamental principles of never trust, always verify, and always enforce least privilege. (We have a white paper called Identity is the New Perimeter: Zero Trust is its Firewall where we talk more about that.)

In its simplest form, Zero Trust involves an identity verification and authentication portion. If these are incorrect then the rest fails.

With that in mind, let’s take a closer look at the anatomy of a cyber-attack (if you want to jump straight to the white paper, click here).

Caveat: before we go any further, we’re not for 1 second suggesting that you haven’t been taking security seriously. It’s just that as someone for whom this is our ‘meat and potatoes’ (or bread-and-butter, if you’re British), we know full well how overwhelming security can be.

Not least because of the rate with which the tech is changing, but also because of the myriad of terms and definitions, and all the rest of it.

That’s one of the main reasons we created this white paper. Others include helping you to cut through all that noise, to eliminate that chaff, so you get an easy to read, understand and digest picture off what’s going on.

The Anatomy of a Cyber Attack

The Anatomy of a Cyber Attack white paper covers the following:

  • An overview of cyberattacks and how the landscape is changing. One of the problems of today is that “As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed” (Sartin, 2019).
  • The architecture of the modern attack, including phishing and social Engineering
  • The danger of local admin privileges and cached passwords
  • Attacks to Kerberos and Active Directory
  • The consumerization of hacking
  • Can we keep the hackers out?
  • Assume breach – now what?
  • Other tips to discourage hackers. These include preventing users from being local admins, avoid group nesting, and use dedicated secure admin workstations for admin tasks, etc.

Understanding what constitutes a cyber-attack is just 1 weapon that you will need in your arsenal: it’s only one of the steps you must take. I hope you’re like me and, when you see people reminiscing on or about the good old days, you smile. I’m happy for them–seriously happy. From my own perspective, life outside of cyber security must seem a trifle mundane. Admittedly, I don’t dwell long, because what we’re seeing and experiencing in cyber security now is unprecedented. Sure, today might be a great day, but let’s use that time wisely and prepare for tomorrow, too.

Click on the link below to download the white paper:

Download the White Paper\

 

References:

Barth, B. (2019, May 9). Verizon Breach Report: Attacks on top executives and cloud-based email services increased in 2018. Retrieved August 19, 2019, from SC Magazine: https://www.scmagazine.com/home/security-news/verizon-breach-report-attacks-on-top-executives-and-cloud-based-email-services-increased-in-2018/

Guta, M. (2019, May 22). 43% of Cyber Attacks Still Target Small Business while Ransomware Stays On the Rise. Retrieved August 19, 2019, from Small Business Trends: https://smallbiztrends.com/2019/05/2019-small-business-cyber-attack-statistics.html

Out-law News. (2015, July 3). Info security professionals are business brand preservationists, says Aviva security chief. Retrieved from Pinsent Masons: https://www.pinsentmasons.com/out-law/news/info-security-professionals-are-business-brand-preservationists-says-aviva-security-chief

Sartin, B. (2019, May 5). C-Suite Beware: You are the latest targets of cybercrime, warns Verizon 2019 Data Breach Investigations Report. Retrieved August 19, 2019, from Verizon: https://www.verizon.com/about/news/verizon-2019-data-breach-investigations

Verizon. (2019). 2019 Data Breach Investigations Report. Retrieved August 22, 2019, from https://enterprise.verizon.com/resources/reports/dbir/

Tags: Data Governance, Identity and Access Management (IAM), Access Governance