At the beginning of 2016, I warned of key security threats that the world would face in the coming year.
As I look back at those predictions, I realize that there are still critical insights to be gained from the numerous attacks that occurred last year.
Read on to gather the lessons learned.
Control Systems Present New Vulnerabilities
As industrial networks move from closed, analog systems to connected, Ethernet-based solutions provide new opportunities for cyber-attack. In the rush to revamp smart grids, manufacturing facilities and automated control systems, I feared security often became an afterthought. Last winter, attackers overwrote firmware on critical devices at 16 Ukrainian power substations to leave 230,000 residents in the dark. Another group gained access to the UK rail computers that ultimately controlled the trains and track signals. While this breach seemed to be more exploratory than disruptive, it illustrates the dangers inherent in this type of attack vector.
Clearly, vendors are going to have to do a better job of redesigning security appliances to protect assets in these environments.
Data from Minors will Become a New Focus
This demographic is particularly vulnerable to attack. Having grown up in the digital age, they have no fear of divulging information online. Because they aren’t old enough to worry about credit, they would never dream of checking it to see if they’ve been compromised.
After the attacks on UC Berkley and the University of Central Florida, over 143,000 records of students, alumni and staff were stolen. And who knows how many of the 1 billion hacked Yahoo accounts belonged to under aged subscribers.
Going forward, I expect the rise of connected toys to present new vulnerabilities as hackers look to extract data for long-term use. Parents, vendors, service providers and educators will all have to do a better job protecting minors from being exploited.
State-Sponsored Terrorism is on the Rise
In 2015, we saw a new set of bad actors enter the stage – ones not motivated by greed but political gain. The Russian involvement in the US presidential election is the ultimate proof of how cyber-attacks can impact global events. Of course this story completely overshadows FireEye’s assertion that Chinese cyber espionage attacks on the US have declined over the last years.
If state-sponsored attacks continue to go unpunished, I expect these groups will become bolder in 2017 and beyond.
Establishing Traffic Baselines are Critical to Preempting Losses
Understanding what normal behavior looks like and continuously comparing current activity to that standard is critical for detecting both large breaches and the small anomalies that betray advanced persistent threats (APTs). This type of analysis could have helped organizations such as Verizon, Yahoo, AT&T and others realize that massive amounts of data were being copied and/or exported from their systems.
Looking back on the year, it seems as if everyone’s worse nightmares for 2016 were realized. A recent Bitdefender report found that one third of US companies were breached last year – and nearly 75% didn’t know how it happened. More than 4 billion records were stolen around the globe including the 19+ million US social security numbers that were compromised in the process.
To preempt security challenges in the coming year, my 2016 recommendations still hold true:
- Visibility is critical to detecting, identifying and remediating breaches as quickly as possible
- Anchoring security appliances with a network TAP is the only way to guarantee that they see 100% of the network traffic
Don’t let cyber-criminals steal your assets, ruin your reputation or comprise hard-won customer relationships. Mitigate risk with tips from our latest paper, Optimizing Network Design in Security Projects. Download it today.