A recent report into the threats facing IT professionals found that eighty per cent of organisations experienced a cyber security incident in 2015. The Spiceworks commissioned study “Battling the Big Hack” also suggests that the number of threats has not dented security confidence, with seventy one per cent expecting their company to be more secure against cyber threats in 2016. Why are we so confident? Preparation. Let’s have a look at how are going to make sure we are prepared for the war on cyber terror as we usher in a new year of challenges.
What Cyber Security Threats to Expect
With the cyber security landscape changing every day it can be difficult to keep a step ahead of attackers. Lets look at the predicted cyber security threats that will be hitting our systems in 2016 so we can prepare ourselves for what lies ahead.
IoT and BYOD
At the forefront of security professionals minds are devices which lack adequate protection and/or cannot be controlled. Though we have started to understand the risks of our employees using their own devices (BYOD – Bring Your Own Device) on the corporate network, we are still hearing reports of how these devices are allowing attackers to gain access to an otherwise locked down network. In 2016 as we see the proliferation of Internet connected coffee machines, thermostats, dishwashers, etc (IoT – Internet of Things), this type of threat is predicted to become even more apparent.
The problem is that IoT and BYOD devices lack suitable security software and thus offer themselves up as an easy target, they can often be accessed directly from the web. In the case of BYOD the device can be exploited while it is outside of the secure corporate network. As soon as one of the many devices of this type have been compromised they can be used as foothold to launch “land and expand” attacks on an internal network or be used as a platform to propagate worms and viruses into more valuable targets.
Apple devices targeted
According to a report by security firm Symantec and later confirmed by CVE details, the threat of hacking to Apple users has reached unprecedented levels in 2015. The report reveals that Apple has fallen victim to its own success, turning into an even bigger target as its user base grows. The threats identified apply both to mobile software iOS and to the desktop operating system OS X.
“The number of new Mac OS X threats rose by 15 percent in 2014, while the number of iOS threats discovered this year has more than doubled, from three in 2014 to seven so far in 2015.”
Apple users are lulled into a false sense of security by the old vestige “there are no viruses for Mac!“, a myth perpetuated by the advertising campaign which depicted a Windows PC as an overweight man with the flu. This statement has not been true for a considerable length of time, but driven by this myth, Mac owners continue to run their machines without security software. There are a number of enterprise grade antivirus options available to Mac users, yet adoption in 2015 is still lower than Windows by some margin. Apple themselves have consistently recommended users of OS X run an antivirus suite since 2003, and more recently in their support blog whispered the following:
“Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult” – from the horses mouth.
Attacks on cloud and virtualization infrastructure
Malware is now being constructed to escape from a virtual machine and access the hosts hypervisor operating system. This could mean that vulnerabilities within one client system (including a mobile device) could compromise an entire public or private cloud system. This is serious concern for cyber security professionals. Since the beginning of the mass migration to a virtual infrastructure, host systems have been protected by the layer of abstraction between the virtual machines and the hypervisor. This sacred barrier is now being transcended by malicious code designed to specifically target such systems. The majority of infrastructures are not protected from this kind of attack, systems that are often in control of the entire network of virtual machines.
Undetectable “Ghostware” and metamorphosing malware
New threats are emerging in the cyber security world; “ghostware” erases any indicators of compromise, making it difficult for organizations to track the extent of data loss or what systems are compromised. Another, similarly sneaky type of threat to emerge is malware that changes depending on whether it has been detected by security software. It can morph itself into safe code when it detects that it is operating inside a security protected “sandbox” created by security software. When the malicious code is checked and confirmed as safe, it is let loose on the operating system, at which point it morphs into its intended malicious code.
Windows 10’s Edge browser as vulnerable as IE
As ever Internet Explorer offers very little confidence on the cyber security front. As hard as Microsoft try to keep it patched, it still remains the most vulnerable web browser available. Not to mention the fact that while it remains the default browser in Windows, it is the most popular. Combine these two factors and this makes it the highest yielding target for attackers.
Microsoft promised that the Edge browser in Windows 10 would bring a greater level of security to Microsoft’s browsing experience, but recent recent reports suggest that the code it shares with Internet Explorer is unfortunately the vulnerable stuff that needs to be patched regularly.
Combine this with the fact that Microsoft’s critical updates are often ignored or delayed due to the poor user experience when your Windows PC installs updates, often rendering itself useless for various lengths of time. What you end up with is an out of date browser laid bare for attackers to compromise. The alternative options keep themselves up to date, quietly, tidily, without asking and without fuss and as such are intrinsically more secure.
Combating 2016 Cyber Security Threats
Segregate your IoT and BYOD devices
Devices that you cannot control or cannot secure must be segregated on a network that has no access to important corporate services and machines. A simple solution to tackle one of the most potentially destructive threats, but very rarely is this put in to practice in the real world.
Choose proven, proactive and up to date security software
Where you can secure your devices, including Apple and hypervisor machines, use proven software that keeps itself up to date and which has a centrally managed alert system to warn your administrators when a breach or malicious code has been detected. It sounds obvious, but so often we have seen high end security software that is out of date without any notification system set-up.
Use a security centric web browser
The default browsers in OS X and Windows have the highest user base, the greatest number of vulnerabilities and as such are targeted the most. Make it harder for attackers to compromise your web activity by using a browser that is both security centric, self updating and that is targeted less frequently. Bolster this protection by using anti-exploit and web filtering software to further prevent dangerous websites from executing malicious code on your machine.
Perform penetration testing of your public services
Attempt to breach your own network using all known techniques. Do this on a regular basis, the vulnerability landscape changes every day.
Choose the right IT support partner
Bristol Technology Group has you covered. We offer the following services to help keep you protected from cyber threats when online
- Enterprise grade secured VPNs
- Cyber security news @BristolTech
- Comprehensive IT support network
- Scheduled penetration testing services
- Free security audits to new customers
- Private, secure Cloud backup services
- Contingency planning and disaster recovery