Threat Intelligence Blog

Posted January 24, 2019

The New Year is often seen as an opportunity for a fresh start. Whether you want a healthier diet, to spend time on a hobby, or hit the gym more, your resolutions are your chance to “get things right.”

Your approach to cybersecurity shouldn’t be much different. In 2019, resolve to become familiar with these common attack vectors and smart security practices.

 

Business e-mail compromises (BECs)

These bogus inquiries may come in the form of an email from your immediate manager linking to your W2s, a consultant sending an invoice, or your CEO asking you to purchase something on their behalf. Either way, the bad guys are awfully clever at disguising themselves to dupe employees into unwittingly taking part in an unauthorized transfer of funds, or the disclosure of personally identifiable information (PII) and/or private company information. Employees with direct access to company finances are the most targeted by this scam, and tactics can range from spear phishing to identity theft and malware.

BECs accounted for more than $12.5 billion in global losses between October 2013 and May 2018, with more than 78,600 incidents reported to the Internet Crime Complaint Center (IC3) and additional international law enforcement authorities, according to the FBI. Make sure employees verify suspicious or unexpected emails by contacting the person sending the message directly (say, by phone) to confirm it’s legitimate. Discourage them from clicking on links forwarded from unfamiliar parties. Educate them to look for “bad email hygiene” in the form of sloppy grammar and spelling, as well as any strange and/or uncharacteristic wording.

 

Third Party Risk

The start of the year is also a good time to check in on the security posture of third parties, like partners and suppliers. According to the Ponemon Institute’s 2018 Third-Party Data Risk Study, 59 percent of companies have experienced a third party data breach, but only 16 percent are effectively reducing their risk. Third party breaches are just as damaging as, if not more damaging than, a direct breach on your network because of the lack of control you have over that external party’s security. Any vulnerability – an open port, a misconfigured certificate – on that external network can act as a potential point of entry for malicious actors, both for the targeted organization and all those connected to or sharing data with them.

Take stock of third party contracts coming up for renewal and where possible make sure to build in requirements like audits, encryption, two-factor authentication, and ongoing verification, to increase security visibility and collaboration and mitigate the possibility of future data exposure before signing on the dotted line. Your plan should address existing gaps with regard to risk assessments, continuous monitoring/identification/detection, automated analysis, incident response, and data backup/recovery.

 

Password-based breaches

This will make the list as long as breaches continue to leverage stolen or weak passwords. The importance of password security increases as the Internet of Things (IoT) paves the way for more password-protected devices. Spread the word to your workforce about best practices – updating passwords routinely; using difficult-to-crack combinations of letters, numbers and symbols; multi-factor authentication – and pitfalls – sharing passwords or leaving them exposed in obvious areas.

 

Legacy technology/applications

While not a new topic, the last few years have brought increased awareness around the existence of neglected legacy applications on organizations’ networks. The effect of ignoring these is similar to that of unpatched or non-updated systems – they are often exploited and used as an entry point to infiltrate a network. Just as cyber criminals are continuously advancing their attack methods, organizations must also work to update and modernize their legacy systems so they can be effective in an evolving cyber landscape.

The best way to avoid this situation is to simply update old applications and systems. While a costly endeavor, it will ultimately pay off in the long run. Organizations can also invest in technology that can camouflage old systems with vulnerabilities while you work to update them.

Whatever your New Year’s resolutions, don’t leave cybersecurity off of the list. Educate employees and have a plan. Resolve to make this year cybersafe.

 
