Enterprise cyberattacks are growing more frequent, sophisticated, destructive, and costly, alarming global investors and c-suite executives alike. PwC’s 2018 Global Investor Survey found that investors see cyberattacks as the biggest threat businesses currently face, and business leaders place it in the top three, alongside over-regulation and terrorism.
Here are a few of the biggest cyber threats facing businesses right now.
Phishing
Hackers continue to rely on the old standby attack, phishing, because it works so well. Verizon’s 2018 Data Breach Investigations Report found that 90% of cyber-attacks originated with a phishing scheme. The FBI estimates that global losses due to business email compromise (BEC), a highly targeted form of phishing where hackers convince unwitting employees to send them sensitive data or wire large sums of money, have exceeded $12.5 billion.
Shadow IT
“Shadow IT” is a broad term referring to any software, device, or service being used on an enterprise network without the knowledge of the IT department. The cloud computing explosion has ushered in a new era of shadow IT. SaaS apps are plentiful, free or very low-cost, and easy for anyone to access and use. Over 80% of employees admit to using unauthorized SaaS applications on the job. Most of the time, these employees’ intentions aren’t malicious, but you know what they say about the road to Hell: Gartner has predicted that by 2020, one-third of successful enterprise cyberattacks will be launched on shadow IT resources.
Misconfigured Cloud Servers
AWS S3 “buckets” misconfigured to allow public access have resulted in major corporations and even federal contractors being breached, or at least leaving highly sensitive data exposed to anyone who thought of looking for it.
While AWS breaches make headlines, the problem isn’t with AWS; if an organization doesn’t set up their cloud server properly, they can be breached regardless of their cloud vendor. Many organizations still misunderstand the “shared responsibility” model that cloud services providers operate under. A cloud service provider is responsible for the security of their cloud, but the customer is responsible for the security of what they put in it. The onus is on your organization to exercise solid data governance, ensure that your cloud setup is properly configured, set appropriate user access privileges, and monitor user behavior.
Unpatched & Legacy Software & Operating Systems
It can be a challenge to keep operating systems and software applications up-to-date in an enterprise environment, but the risks of not upgrading or patching are very serious. The Equifax breach happened because of an Apache Struts vulnerability that was left unpatched for two months. The EternalBlue exploit impacts older, unpatched versions of Windows and was used to launch the WannaCry and Petya ransomware attacks; it continues to infect organizations running unpatched machines today.
Cryptomining / Cryptojacking
Cryptojacking, where hackers hijack enterprise machines and use them to illicitly “mine” cryptocurrencies, has displaced ransomware as the most common form of malware. Cryptojacking malware used to primarily target consumer IoT devices, such as smartphones, and it was largely an annoyance that slowed down infected devices and prevented users from accessing certain folders. However, today’s next-generation cryptojacking malware, such as WannaMine, specifically targets enterprise networks, and it can damage hardware and cause applications to crash.
Ransomware
Although cryptojacking has become more common, ransomware still presents a clear and present danger to organizations, especially government agencies, healthcare organizations, and critical infrastructure. Just ask the City of Atlanta, which spent $2.6 million cleaning up after a ransomware attack last year. A ransomware attack also crippled a North Carolina water utility as it was struggling to recover from Hurricane Florence.
Insecure IoT Devices
Connected devices are proliferating and becoming essential to every area of our lives. Yet IoT security — including security for smart medial devices, like insulin pumps — largely remains a Wild West, with no common set of standards. This lack of security poses real-world risks that threaten the adoption of IoT devices by consumers and enterprises. Nearly half of IoT buyers say that security is a significant purchase barrier, and 93% of executives would be willing to pay more for more secure devices.
Attacks on Operational Technology (OT)
Operational technology (OT) is the less “sexy” sibling of IT. A lot of people have never heard of it, and many IT experts have little knowledge of it, but society couldn’t function without it. OT is the domain of the systems and equipment that control manufacturing plants, mining operations, utilities, and other critical infrastructure. Cyberattacks on OT systems don’t just impact an organization’s bottom line; they put human health and lives at risk. OT systems face different cyber vulnerabilities and threats, and securing them is very different than securing IT systems. Air gapping, a common security measure, is no longer sufficient as a standalone solution.
@Credits: Teresa Rothaar
