Over the past two years, we’ve witnessed some of the largest cyber-attacks in history. Some of these attacks have been very well publicised and are probably already familiar to you – Target, Home Depot, eBay, JP Morgan Chase, Sony Pictures, US Office of Personnel Management, Ashley Madison, and T-Mobile. However, with cyber security, one can never claim to have witnessed the largest attack, because a larger one may already be in progress.
With this in mind, I thought it would be prudent to look into some of these cyber-attacks and see what we can learn from them to help cyber security services detect future attacks before they even happen.
While it might seem that all cyber-attackers have the same objective, it is very important that the motive behind each attack is clearly understood. For example, a retail company is more likely to be hacked for access to its customers’ card information than it is for company information. Alternatively, if your organisation is a healthcare provider that handles both credit card information and health records, it is important to know that any cyber-attack is going to be aimed at gaining access to these, either separately or simultaneously. As such, when it comes to company and customer information, it is important to not only identify what information is at stake, but also what reasons cyber criminals may have for coming after it.
So taking this on board, here are my top three recommendations outlining what organisations need to do in order to protect themselves from becoming the next victim of a very well publicised attack.
1. Employee Awareness and Training – it is still not happening nearly enough
A trend that is common among cyber-attacks is that the first step usually involves a phishing or a spear-phishing attempt from the attackers. The attacker sends a seemingly innocuous email to employees (at varying levels of seniority, depending on the target), who then access the email and inadvertently download malware that gives the attackers access to secure data, sometimes using the employees’ own credentials. Even today, with all the publicity around attacks, email security and secure policies and practices are lacking. It may seem blatantly obvious, but organisations need to make sure that all employees, specifically those with access to sensitive information, go through proper training on secure practices. This training should be just as important a part of the organisation’s cyber security policies as the technology and solutions the company is using to protect itself.
2. Security Checks and Password Power – inadequate passwords leave you open to attack
Another major access point for attackers is weak security practices, such as weak passwords or flawed verification and authentication processes. When it comes to weak passwords, I can only reiterate what the whole security community has always said: ensure you have a long password using a combination of alphanumeric and special characters, and change it regularly. The importance of this practice needs to be made very clear to those handling sensitive data. As for flawed security processes, it is essential that all protocols are checked thoroughly and regularly.
3. Third Parties can Compromise Security – make sure that you have the necessary security practices in place
A vulnerability that your organisation cannot directly control, but nonetheless must attempt to defend against, is access to your company through an external or third-party individual – such as a PoC with access to your organisation’s website. It is imperative that absolutely anyone with access to any part of your organisation’s secure data be thoroughly aware of necessary security practices. This is one of the most overlooked yet most difficult threats for companies to protect themselves against, with data boundaries today extending to home networks, personal and mobile devices, third parties and various other points of exposure.
Many well-known cyber-attacks can be traced to inadequate security controls, human error and deviations from set procedures, so rigidly following established security practices can go a long way towards ensuring that cyber attackers have a tough time breaching your organisation’s data. In today’s world of ever-increasing security threats, it is no longer a question of if, but when. The combination of strict adherence to security policies and procedures, as well as strong and reliable cyber security services and products, will help your organisation to stay secure and to carry on with business as usual, without worrying about whether your data and applications are about to be the next big hit.