Sophos cautions firms against increased cybercrime menace
This follows the huge number and variety of cyber attacks in 2016, ranging from a high-profile Distributed Denial of Service (DDoS) attack, which used hijacked Internet-facing security cameras, to the alleged hacking of party officials during the United States of America’s election.
The firm projected that destructive DDoS IoT attacks will rise; there will be a shift from exploitation to targeted social attacks; financial infrastructure will be at greater risk of attack; the Internet’s inherently insecure infrastructure will be exploited; attack complexity will increase; more attacks will use built-in admin languages and tools; and malvertising and the corruption of online advertising ecosystems will grow, among others.
In 2017, the UK firm said, organisations must, among other things, move from layered to integrated security; deploy next-generation endpoint protection; prioritise risk-based security; automate the basics; and build staff and process to deter and mitigate social attacks.
Accordingly, the firm explained that, in prioritising risk-based security, no organisation possesses the resources to systematically protect everything, and 100 percent prevention is no longer realistic. It suggested the need to clarify the risks associated with each system, and focus efforts accordingly. Sophos claimed that risks change fast, hence the need to look for tools that track them dynamically, and respond accordingly.
Sophos said that since social attacks now predominate, educating users and involving them in prevention is now even more important. According to the firm, education should focus on the threats each group is likely to encounter, and it should be kept up to date: outdated guidance on topics such as phishing can be counterproductive, offering a false sense of security.
The software security firm observed that many organisations now possess multiple solutions that were once best-in-breed but are now too costly and difficult to manage. As such, it pointed out that moving towards integrated solutions where all components communicate and work together will help to solve this.
“For example, if malware knocks an endpoint’s security software offline, network security should automatically quarantine that device, reducing the risk to your entire environment,” it stated.
Sophos said that as ransomware becomes ubiquitous and endpoints grow more diverse, organisations must refocus on endpoint protection, but signature-based solutions are no longer enough on their own and can miss zero-day attacks.