Over the course of the past month or two, a flurry of reports and surveys has been released detailing the biggest threats and security inefficiencies currently impacting cyber land. Specifically, the reports analyze exploitation trends, corporate IT security risks, the current state of ransomware, the lack of end-to-end segmentation strategies among businesses and the unique risks posed by the rise in drone use.
We took a look under the hood of five of these reports to pinpoint key statistics and findings and glean insights and solutions from industry experts. Read on for the top takeaways.
Malware authors are outsmarting you
On September 13, Bromium released its H1 2016 Threat Report containing an analysis of exploitation trends impacting the threat landscape. The key takeaway for business, IT and security managers? The need to be able to understand and navigate the ever-evolving threatscape is vital. Here are a few of Bromium’s top observations and tips.
Even with advances in protection methods, there are still large sets of vulnerabilities (516 were reported to the National Vulnerability Database in the first six months of 2016, compared to 403 vulnerabilities reported in all of 2015). The good news: there are now fewer ways to exploit these vulnerabilities. The bad news: malware authors have adapted to this by focusing more heavily on ransomware and attacking users via email spam and documents with macro-based threats. Hackers are also getting better and stealthier at identifying software vulnerabilities. Tied to that, almost all of the malware that Bromium saw was unique, which means that it’s changing rapidly enough to make it nearly undetectable.
Bromium’s advice? “Current malicious detection capabilities are not enough, simply because they rely on a ‘patient zero approach’ where someone has to be victimized before the enterprise can respond to the threat. Instead, we recommend dramatically reducing the attack surface by isolating attacks and limiting the damage they can cause as an efficient way to prevent the spread of the attack and then using the threat information to accelerate response.”
IT Professionals Agree… sort of
A recent report commissioned by Avaya entitled End-to-End Network Segmentation Research reveals a massive, industry-wide gap in networking security protection. IT professionals are well aware of this and agree that end-to-end network segmentation is essential for security. Great! But hold on… what’s this? Only one in four IT folks actually employ these practices? A real head scratcher, considering the massive rise in cybercrime rates.
In the report, end-to-end network segmentation (the ability to create secure, network-wide “swim lanes” for applications or services) was cited by 400 IT professionals as an essential security measure. Yet, only 23 percent of respondents said they believe they currently deploy such a strategy, and 22 percent didn’t even know it was possible. The top reasons cited for not having a network segmenting strategy were understandable, but cringe-worthy all the same: 35 percent said it’s too complex, 29 percent said it’s too resource intensive and 22 percent said it’s too risky to deploy.
Companies’ traditional rigid network perimeter models have been turned on their heads due to cloud computing, outsourcing and BYOD technology. Because of these factors, control is spread too thin. All entry points are thus of some concern to the IT professionals surveyed in the study, with three in particular that jump out: employee email (50 percent), wireless connections (50 percent) and employee devices (46 percent). A proper end-to-end network segmentation deployment is essential for this “everywhere perimeter.” As Avaya puts it, it “creates safety zones that hackers can’t see, and therefore won’t be able to access.” Boom.
Malware is “having the best year ever”
Two weeks ago, the backup and disaster recovery experts at Datto turned the focus on the channel with the release of a report detailing the current state of malware and ransomware from the perspective of the IT service providers and small businesses that deal with these malware infections daily. The report, titled Datto’s State of the Channel Ransomware Report 2016, details the results of a ransomware survey involving 1,000 managed service providers (MSPs).
The report highlights the impact of the malware/ransomware epidemic and the devastating effects within the global small business community. A few statistics that stand out include:
- More than 91 percent of MSPs report clients have recently been victimized by ransomware.
- Forty percent experienced six or more attacks in the last year.
- Thirty-one percent of IT professionals experienced multiple ransomware incidents in a single day.
- Fewer than 1-in-4 ransomware incidents are reported to the authorities.
- The leading causes of ransomware infections in organizations are phishing emails and just good old-fashioned lack of employee awareness.
The report provides best practices and solutions for businesses looking to ensure total data protection, business continuity and disaster recovery. Essentially, the standard preventative measures just aren’t enough anymore. “There is no sure fire way of preventing ransomware,” the report states. “The ransomware challenge requires a combination of innovative technologies and end user education. Businesses should focus on how to maintain operations despite a ransomware attack.” The key? A fast and reliable backup and recovery solution.
The IT security talent famine
Back in August, Kaspersky Lab released the first report of its 2016 Corporate IT Security Risks survey, which reveals the realities of the IT security talent shortage and the financial impact of the lack of full-time security experts on staff. Some of the key findings of the report, entitled Lack of Security Talent: An Unexpected Threat to Corporate Cybersafety, include:
- Only 15 percent of the employees in an IT department of a large company are dedicated to security.
- Nearly half (48 percent) of businesses surveyed admit there is a talent shortage and a growing demand for more specialists (46 percent).
- Large businesses are paying almost three times more to recover from a cyberattack than those businesses with in-house expertise.
- A significant amount of cyberattack recovery costs is going toward additional staff wages to hire external expert help – on average costing $14K for SMBs and $126K for enterprises.
According to the press release issued at the time of the report, 48 percent of businesses admit there is a talent shortage and an increasing demand for more specialists (46 percent). “Proactively hiring new staff to employ experts before an incident, rather than bringing them in to pick up the pieces, significantly lowers the average IT costs and helps better protect the business,” states the release. “Overall, 68.5 percent of companies expect an increase in the number of full-time security experts, with 18.9 percent expecting a significant increase in headcount. Higher education is an important part of fulfilling such a demand, but this is also a call for a change within the security industry itself.”
Attack of the drones
OK, they’re not actually attacking, at least not in the stormtrooper sense. Yet…
Last week, Allianz Global Corporate & Specialty released its newest risk report Rise of the Drones: Managing the Unique Risks Associated with Unmanned Aircraft Systems. Ominous-sounding, isn’t it? The report examines key issues and trends surrounding the rapid growth and use of drones and provides insight into the related potential risk exposures in the private, public and commercial sectors.
According to the press release announcing the report, “the U.S. Federal Aviation Administration (FAA) forecasts that by the end of 2016 over 600,000 UAS will be deployed for commercial use alone in the U.S. – three times the number of registered manned aircraft.” So what does this mean, and how does it impact security? Think data security theft.
There is the “prospect of hackers taking control [of the drone] during flight, causing a crash in the air or on the ground,” states the report. “The term ‘spoofing’ refers to attempts to take control of a UAS via hacking the radio or Wi-Fi signal and sending commands to the aircraft from another control station. Data can also be obtained by cyber-attack when it has been stored by the company gathering the data.” What an interesting, new-age problem to have. Almost seems like something someone cooked up in a galaxy far, far away...