6 growing threats to network security

 

Connecting state and local government leaders

The network has become not only a target but also a channel for disruption -- distributing DDoS, phishing, ransomware and other types of malware attacks.

The modern, globally connected digital world demands that business applications, data and services be constantly available from any location, which means networks must span multiple hosting environments, fixed and mobile devices and other forms of IT infrastructure. But just as networks are a key enabler for the enterprise, they are also a source of extended risk. Hackers, cyber criminals and state-sponsored actors are constantly spawning new network attacks to compromise, steal or destroy critical information and disrupt organizations for their own ends.

The network has become not only a target, but also a channel for disruption: It’s a primary route of distribution for distributed denial of service (DDoS), phishing, ransomware, worms and other types of malware attacks.

Last year was arguably the most dangerous ever to be a network administrator, given the growth in new attack methods being directed at public- and private-sector IT systems. Cyber incidents targeting businesses nearly doubled from 82,000 in 2016 to 159,700 in 2017, according to the Online Trust Alliance. And there is every sign 2018 will end up just as perilous as new threats emerge. Network managers should take a good, long look at their security infrastructure and upgrade plans as they  prepare to respond to the following six network threats:  

1. DDoS attacks are proliferating.  The volume and strength of DDoS attacks are growing as hackers try to bring organizations offline or steal their data by flooding websites and networks with spurious traffic. Two factors are helping criminals in their endeavors. One is the widespread availability of “DDoS for hire” services, whereby hackers rent out their skills for very low sums of money. The other is the growing volume of internet-of-things products with poor security defenses that are being attached to device-to-device, edge and core networks. Botnets that hijack vulnerable IoT devices can spread quickly via the network and quickly infect hundreds or thousands of products before directing spurious traffic at target websites and infrastructure.

Remedy: Be sure to create a DDoS mitigation plan. Protect networks against DDoS attacks by monitoring and controlling LAN/WAN traffic flows and device bandwidth consumption to receive earlier warnings of attack.

2. Network-based ransomware is designed to destroy systems … and data. Self-propagating ransomware attacks that quickly spread across systems do not rely on humans to click a button, download a file or plug in a USB stick. They just need an active and unpatched workstation (think WannaCry and NotPetya) and an automated software update. Many security researchers believe that the primary purpose of some ransomware attacks is not to extort money but to deliberately destroy data on infected systems.

Remedy: Perform regular backups of mission-critical data, ensure all systems and applications are patched and up to date and use vulnerability assessment tools to find gaps in defenses. It’s basic stuff, but it couldn’t be more vital.

3. Malware is evolving, with activity masked by legitimate cloud services.  Today’s business needs have changed the way enterprises send and store sensitive data, with more organizations using off-premise cloud-hosted repositories and services (with or without the consent and direction of the resident IT department). But these are also popular services hackers can use to register accounts, start web pages, encrypt their malware, hide domains and IP addresses and cover their tracks by deleting the account afterwards – all at low cost, pay-as-you-go prices. And popular cloud services like Google, Twitter and DropBox are also difficult for security managers to block, leading to a multitude of vulnerabilities.

Remedy: Threat intelligence monitoring and analytics are more advanced than ever before. These services  can identify suspicious behavior that could indicate legitimate services disguising hacking activity.

4. Insider threats show no sign of diminishing. Insider threats are said to be responsible for anything from 25 to 75 percent of enterprise data breaches and are usually driven by financial gain, industrial espionage or just plain incompetence or misuse. But the majority of network security defenses remain configured to protect the perimeter from external, rather than internal, hackers -- those who already have legitimate, authorized access to their organization's networks and often operate under the radar with few or no limitations on the information they can access or transfer.

Remedy: Prioritize critical assets, implement a formal insider-threat program, document and enforce security policies and controls, monitor employee activity at the network and host level, and raise inside threat awareness among staff through training.

5. Encryption is meant to enhance security,  but it’s also helping hackers to conceal their communications. We’ve seen a big rise in the percentage of network traffic that is encrypted -- a natural consequence of organizations protecting sensitive data by scrambling communications. But this approach to securing data cuts two ways, with threat researchers also noticing a threefold increase in the volume of encrypted network communication employed by malware in 2017. Encryption gives hackers more time and space to operate prior to their eventual detection and remediation.

Remedy: Use machine learning and artificial intelligence to identify unusual patterns in encrypted web and network traffic and send automatic alerts to security staff if issues merit further investigation. Automation really is the future of network security.

6. Cyberattacks get personal as social engineering targets executives and HR. Malicious emails are vital tools for hackers because they take malware straight to the end point. Hackers are identifying high-value (and vulnerable) individuals within organizations, commonly hiding code in Microsoft Word, PowerPoint and Excel file extensions as well as PDF documents and archive files. Business email compromise attacks are increasingly being employed to impersonate a trusted identity (like CEOs, HR departments or tax authorities) to encourage targets to make payments or share sensitive information. Meanwhile, email account compromise tools can usurp a hacked (but legitimate) email account to circumvent other cybersecurity defenses and deceive intended victims. It’s a continually growing concern.

Remedy: Raise user awareness of the risks through formal training programs and email usage policies, set email spam filters to high and keep software and systems up to date. Network security is a continual process -- agencies must stay on top of it to stay ahead of the hackers.

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.