As the digital age ushers in new disruptive innovations such as cloud computing, the internet of things, biometric authentication and much more, cyber attacks are slowly becoming the biggest threat that we, as ordinary citizens, will ever face.
The issue that organisations, companies and governments face when trying to protect themselves from hacking and malware is that the burden of work is on them. To mount a successful defence you need to be able to protect every point in your network, whereas criminals need only identify one weak point to achieve their goal.
This imbalance is only set to grow as we enter the world of big data and Web 3.0, where people, devices and appliances are more connected than ever. With objects such as fridges, cars, planes and even the lights in your home becoming connected to your personal network, protecting against flaws has become exponentially harder, while exploiting them has become easier.
2016 was a particularly busy year in the sphere of cybersecurity, with headlines dominated by state-sponsored intervention in the US election process. More common headlines described large organisations, in all markets from healthcare to car manufacturing, experiencing large-scale data breaches (those involving data from over 500 people or customers).
The first few months of 2017 have been no exception, with news of CIA/government surveillance techniques involving smart TVs and even accessing mobile phones thought to be secure.
What is the biggest cyber threat facing organisations?
Targeted hacking has become the method of choice for most cybercriminals, and it represents the most sophisticated and organised way of achieving their focussed goals. In the cyber sphere, these attacks are known as Advanced Persistent Threats (APTs), with the key word being persistent.
They work by targeting specific weaknesses in an organisation’s endpoint systems, which gives the attackers a foot in the door. Once in, they can slowly work their way through the system towards their desired objective, taking as much time as they want. When they have achieved their goal, usually a data breach of some sort, they can retrace their steps and cover their tracks without ever sounding any alarms, leaving the weak point undetected.
Being ‘persistent’ means that the threats are able to spend extended periods of time within an enterprise system without being detected. This allows them to enter a network through its very weakest and most vulnerable point, then move laterally to the more secure parts where the data is stored.
The hackers tend to target the weak points through social engineering and social networks, luring an unsuspecting customer or employee into clicking on a malicious link or attachment. All it takes is one click for them to get in the door without anyone noticing.
Another method is the use of zero-day exploits, which take advantage of unpatched vulnerabilities in the code of the system. They are called zero-day because the author of the code literally has zero days in which to patch the vulnerability and stop it being exploited.
How businesses can combat an APT
Because hackers target the weakest link in any system – people – it is important to raise awareness within a business and its customer base about the potential threats and their implications. Many banks have implemented ways of identifying a secure email or website to ensure that users are not clicking on false fronts. Complete social engineering awareness is very hard to achieve, so unfortunately there is little chance of finding a ‘silver bullet’ for APTs.
Sharing threat intelligence has become an active way of identifying and resolving weaknesses in the architecture of systems. Businesses in similar markets may often have similar threats and so informing each other of them can be an effective way of ensuring proactive measures are taken.
Having skilled personnel is a necessity when dealing with threats as advanced as APTs. The number of job openings in cybersecurity, 1 million worldwide, indicates the shortage of skills in the sector. Initiatives are underway to encourage young people to consider a career in cybersecurity.
Finally, next generation data protection tools are needed in order to combat the constantly evolving threats that businesses face. New ways of storing, transferring and creating data are being used to increase the security of the entire process and lifetime of the data.
While none of these are sure to prevent an APT attack, they are a step in the right direction for businesses. Time is everything in the cyber world, so you should waste no time in preparing your business against the rising tide of cyber threats.