5 emerging attack vectors that explain the reality of the cybersecurity arms race

Enterprises are no doubt wondering what will hit them next. Here’s a handful of answers about what’s possible



Relax. Odds are the “Guardians of Peace” are not about to declare war on you.

Best known as the hackers who led an unprecedented cyber-security attack on Sony Pictures Entertainment late last year, the GOP, as they were also known, carried out the kind of data breach and network shutdown that was pretty much unheard of until now. It has no doubt caused many firms to reconsider how at risk they are from similar groups. Based on what I’ve read and reported on over the past year, I think the kind of dangers that should concern most enterprises are far less dramatic — though perhaps no less scary.

ZDNet recently did the best job I’ve seen of compiling all the various analyst and vendor reports that try to give a sense of IT security issues, ranking them in order of the most common predictions of what will hit data centres this year. The top prediction, cited by 12 of the 17 research studies examined, was “new attack vectors and platforms.”


In other words, cybercriminals are not merely going to increasingly aim at corporate data; they are looking for ever-sneakier ways to get in. Here are three I’ve come across recently that bode ill for enterprise IT professionals:

Malvertising: Yes, it’s a strange-sounding word, but it’s basically the idea of taking “malware,” or malicious software, and distributing it via online advertising. Convince an employee to click on something intriguing, and code is instantly downloaded onto their computer that can take over their system and spread to other devices across the organization. Short of blocking Internet access at work, IT departments should look for common examples of malvertising incidents that have already happened and educate their coworkers ASAP.

Ransomware: This is how it works: You turn on your smartphone and find a pop-up that comes from the police, accusing you of some kind of online crime, for which you are required to pay a “fine” via PayPal or Bitcoin. Of course it’s not really the police, but this is an increasingly common technique for hackers who not only want to steal data but get actual money. I expect to see more ransomware strains targeting mobile devices of all kinds, which will trigger a surge in demand for various kinds of device protection and a renewed reliance on remote capabilities for organizations. As for the hackers, it’s only a matter of time before they demand sensitive records in place of finite amounts of cash.

‘Open’ doors: Last year Heartbleed and Bash both caused worldwide headaches for countless organizations that relied on open source technology developed by volunteer projects that may not have the resources to fend off the worst attacks. It would be senseless to imagine hackers aren’t looking for similar holes in a wide range of similar protocols and systems.

Almost-insider threats: Rogue employees (or former employees) have long been a problem for IT security professionals, because they often walk out the door with passwords or other ways of continuing to access the network. I’m predicting a similar possibility for what I’m calling “almost-insiders”: these are the suppliers, partners and even customers who are more deeply connected to enterprise systems than ever before, with poorly-secured profiles that might easily offer sophisticated cybercriminals a path to corporate data.

The Internet of Vulnerable Things: Wearable devices like Apple’s forthcoming iWatch and everyday objects that get connected to IP can offer a lot of advantages, but they will also likely become another endpoint that some organizations overlook as they conduct IT risk self-assessments.

The only thing that feels certain, unfortunately, is that the nature of how hackers take over corporate networks evolves nearly as quickly as technology itself. That could mean that the biggest priority for network admins and other members of the IT department is to consider almost anything an attack vector until proven otherwise.
