NCSAM—Week 3: Today’s Predictions for Tomorrow’s Internet
The Lastline Daily Dose program supports National Cyber Security Awareness Month (NCSAM) with daily tips and advice to help individuals and organizations detect and prevent malware-based cyberattacks. Throughout October, Lastline will offer a daily dose of advice via Twitter (@Lastlineinc), LinkedIn, Facebook, and other social media channels, aligned to the weekly themes established by the Department of Homeland Security.
The theme for week 3 of NCSAM is Today’s Predictions for Tomorrow’s Internet. Here are our daily doses of advice for October 16-20.
Tip 11: Everything connected to the Web is a possible malware entry point. Secure or isolate IoT devices like thermostats & webcams.
Many smartphone users are still getting accustomed to the fact that their phone is now a computer, connected to the Internet, and therefore vulnerable to malware. Now apply that concept to the exponentially larger number of IoT devices.
Unsecured IoT devices – webcams, Web-connected music players like the Amazon Echo, even e-thermostats – present the risk of the device being used to spread malware and infect other devices or launch a DDoS attack. If consumers are paying ransoms now to free their encrypted files, what will they pay when a pacemaker or self-driving car is taken over?
Manufacturers need to improve the security of their devices, and users – businesses and consumers – need to understand the risk and secure their IoT devices.
Tip 12: New malware doesn’t rely on sandbox-able files or links. Security tools also need to detect browser-based attacks.
Most malware detection and prevention technologies work by examining files such as downloads or attachments. However, browser-based threats don’t necessarily use files, so conventional security controls have nothing to analyze. Unless organizations implement advanced tools that don’t rely on analyzing files, browser-based attacks will likely go undetected.
Learn more in our recently authored article on this topic.
Tip 13: Attacks against mobile devices will increase as security capabilities provided by OS and app developers fall short.
Smartphone operating system developers are doing what they can to ensure the security of their devices, but given the volume of apps available on their platforms, they simply can’t vet everything. They need to rely on the app developers to secure the connections and data each manages.
Despite developers’ best efforts, we anticipate that the risks presented by mobile devices will get worse before they get better, given users’ increasing reliance on them for an ever-increasing range of activities and engagement. Mobile devices are simply too attractive a target for criminals, inviting their utmost creativity and innovation. Recently a scheme has been discovered in which criminals release apps that are initially benign and then, once the apps gain traction and adoption increases, turn on the malicious capabilities or add them via upgrades.
Tip 14: Outsource Incident Response to ensure the right skills are on hand to respond to increasingly sophisticated attacks.
As criminals continue to increase the sophistication and pervasiveness of attacks, your ability to respond – quickly and effectively – becomes critical for mitigating potential loss and avoiding brand-damaging public exposure of a data breach. When you’re attacked, it’s essential to have the right skills immediately available, which is not always an option with in-house staff. As a result, many large organizations are now outsourcing Incident Response.
IR specialists, like MSSPs, have the right tools, greater awareness of current techniques because they support multiple companies, and the deep expertise often required. A skilled IR team will ensure you’re prepared for an attack.
This Forbes article recommends 5 security functions to outsource, including Incident Response.
Tip 15: Assume your cloud providers are not security experts and augment their capabilities to secure your data.
As you migrate more business functions to the cloud, understand that cloud providers are not security experts. Yes, they provide some level of security, but you have to plan with the expectation that what they’re doing will be inadequate against today’s skilled cybercriminals. To emphasize the point, a recent InfoWorld article highlights 12 specific security risks associated with using cloud-based applications.
The simple truth is that your data is now outside your corporate perimeter, so you have lost some control over how it is secured. Understand your cloud provider’s security capabilities and know what you need to do to supplement them. Or press the providers to fill the gaps in their security architecture, either on their own or by partnering with and integrating security technologies.
Follow Lastline on Twitter (@Lastlineinc), LinkedIn, or Facebook to automatically receive your Daily Dose of advice throughout the month of October. Or go to www.lastline.com/DailyDose where we’re compiling all of the daily advice throughout the month.