The New State of Cybersecurity: Bursts, Worms and Mobile Threats
Cybersecurity always moves at breakneck speed. A new report recently examined the pain points of 3,600 security experts worldwide and revealed some good news and some bad news about how companies are managing risks and responding to threats as the cybercrime landscape shifts.
Among the positive findings of Cisco’s “2018 Annual Cybersecurity Report” is that 53 percent of security professionals now use the cloud for improved protection, and 34 percent rely on machine learning to both simplify and speed security response. But there’s another side to the story: Burst attacks and malware cryptoworms are on the rise, while mobile owns the top spot as the most difficult area to defend.
What Are the Top Security Concerns?
The report revealed that 42 percent of organizations experienced short-burst distributed denial-of-service (DDoS) attacks in 2017. In addition, malicious actors are finding new ways to spread malware by developing cryptoworms capable of self-propagating across networks. Unlike traditional attacks, which require human actors to click on links or download malicious attachments, cryptoworms can infect networks via any active, unpatched workstation.
Another issue is encryption. The first line of defense in securing data in transit and at rest, encryption also provides the framework necessary for cybercriminals to hide malicious code. The study noted a threefold increase in encrypted network communication used by malware.
The report also addressed familiar attack vectors such as insider threats. Despite the fact that less than 1 percent of insiders were flagged for suspicious downloads, these actors each accounted for an average of 5,200 document downloads.
Insecure mobile devices, meanwhile, are increasingly difficult for security professionals to defend. That’s because they’re typically owned by users, leverage a wide variety of operating systems and lack the systematic regulation characteristic of traditional workstations.
The result is a cybersecurity landscape in which 53 percent of attacks result in damages over $500,000, to say nothing of the time needed for remediation, potential impact to brand reputation and downstream consequences if cybercriminals leave behind persistent infections.
Addressing Emerging Cybersecurity Risks
With the complexity of cloud deployments making it easier for attackers to breach network defenses and new Internet of Things (IoT) threats on the horizon — in addition to bursts, worms and evolving mobile threats — how can companies push back and reduce the chance of compromise?
The report noted that organizations must address the cybersecurity skills gap by promoting better collaboration between security and network teams. Advancements in security technology can also provide some relief. These include:
- Automation. IT security perimeters are complex, variable and continuously expanding. As a result, security professionals can’t do all the heavy lifting. CSO Online pointed out that routine tasks such as traffic scanning and threat reporting are best handled by automated solutions with throughput to prioritize critical security alerts and only notify IT teams when necessary.
- Machine learning. As noted by Business Review, machine learning offers the potential to improve security system functionality over time by giving network defenses the ability to both recognize common attack vectors and discover new threats as they emerge.
- Artificial intelligence (AI). More encryption means less visibility. According to the Cisco report, enterprises are now leveraging artificial intelligence to detect anomalous patterns in large volumes of encrypted traffic. AI tools can also help organizations automate patch management.
While some of Cisco’s findings are encouraging, the report emphasized that attackers aren’t resting on their laurels. Instead, they’re designing better burst attacks, evolving malware worms and leveraging malicious code to infect mobile devices. Organizations must continue to push the envelope and invest in modern security technologies if they expect to keep pace.