Security Threats and the Business Network

Security Threats and the Business Network 150 150 Simon Randall

According to Symantec’s 2013 Security report, there was a 42% increase in targeted attacks on businesses in 2012, with 31% of these aimed at companies employing less than 250 workers. There were 14 zero-day vulnerabilities found and one waterhole attack infected 500 organisations in just one day.

This highlights the fact that internet security remains one of the biggest challenges that face modern businesses, especially as the use of the internet and cloud services become increasingly important to the enterprise.

Further to the stats above:

·         32% of all mobile malware threats steal data

·         Windows PCs are now not the only target, Macs are also vulnerable

·         Phishing sites that ‘spoof social networks’ have increased by 125%

·         Web-based attacks grew by 30%

·         In 2012 there were 5,291 new threats discovered with 415 of these threatening mobile OS

The Loss of Confidential and/or Sensitive Data

The single biggest concern, was the threat of having confidential and/or sensitive data compromised. For example if personal data is stored as part of an enterprise’s service to its clients, any incursion which results in data being lost or stolen, would, in addition to the loss of confidence clients would have in the company in question, also create a breach of HIPAA and/or PCI compliance, which in itself, would have serious consequences.

Many businesses store cyber data that if accessed by unauthorised sources, could harm that business’s viability. This is of course not only of concern to IT professionals, but to business owners and employees too, whose continued employment could come under threat as a result.

Employee Error

The next biggest concern with regard to network security comes from the honest error made inadvertently by an employee.

This would include events such as employees saving data on an unsecured platform, or unknowingly exposing the network to a viral threat from a USB device. Some employees may lose or misplace their Smartphone, Laptop of Tablet. Any one or any combination of these scenarios could pose a threat to network security.

Add to this the increased use of social media and the kind of phishing mail that we’re commonly seeing that look authentic and like they are from a government agency, and employees can be caught out all too easily. The obvious answer to this is to create educational platforms and guidelines within the organisation which allow CEOs to ensure that employees know all the potential risks and how they commonly infect a business network.

Threats from BYOD Practices

The new BYOD phenomenon is something of a double edged sword. On the one hand it facilitates improved mobility and convenience, as well as enhancing productivity. On the other hand it opens up something of a can of worms with regard to the potential for exposing a network to any malware that may be lurking on the BYOD devices themselves.

Some 13% of IT professionals who took part in a 2012 CRN survey said that they believed their networks would face danger through the practice of BYOD in the coming year. One of the biggest problems is that IT departments are not always being consulted before these devices are being connected to the network. The threat this poses is obvious. Of course, the way to address this is to have a list of approved devices and a good Mobile Management solution in place so that when a worker connects to the network, all of the information is encrypted.

Networking in the Cloud

Whilst the cloud and security was a bone of contention for many companies in the past, this is something that has now calmed. The fact of the matter is that the Cloud service providers themselves hold the key to the security of networking in the Cloud. They must work closely with their clients in order to disseminate information downwards in order to raise both understanding, and awareness of the security methodologies they deploy, and what levels of protection they afford the Cloud user.

Cloud computing is (in general) much more secure than the average company as the data centres that company data is stored in tends to address security at a much higher level than the average on site network. This includes physical security as well as a layered approach and high-end hardware firewalls. Add to this that data centres are better at backing up data and have decent disaster recovery plans in place, and the cloud is no longer a technology to be wary of.

It does take some of the control out of the company’s hands to some degree in that data is stored away from the premises, but the information remains confidential and well-secured.

The Increasing Incidence of Cyber Attacks

Concentrated and highly organised cyber-attacks are becoming more commonplace. We hear about the most high profile attacks, but there are many more going on that we hear nothing about. These are not individual events whereby one lone hacker is responsible; they are highly coordinated, and in some instances even involve governments.

Fears of sophisticated cyber-attacks are running high, particularly in industries such as Internet banking. One security company (Trend Micro) forecasts that the mobile banking industry in particular will face an ever increasing cyber-attack threat level as we progress through 2014. They are predicting one major data breach every month throughout next year.

The Threat from Within

Many companies fastidiously prepare a multi-layered protection strategy to secure themselves from threats coming from the outside world, but in doing so forget all about the inside world – a very real threat made all the worse because of the fact that it stems from inside their defences.

 It’s the threat from a malicious employee, perhaps in response to maybe being given a notice of redundancy, or perhaps after having been handed a reprimand of some kind. Whatever the reason, the threat is a real one, and one which should not be overlooked. In the same CRN report, 5% of respondents said that an internal threat was the most likely source they feared in 2012.

The Old Fashioned Hacker

Last but not least there is the old fashioned, one-man dedicated hacker. With all of the attention that is being focused on highly coordinated cyber attacks, the determined singleton still poses a real threat too; a threat which many IT professionals believe their networks will be exposed to sometime within the next 12 months.

Saying that, many cybercriminals need no skill at all these days, as exploit kits that allow those with limited technical knowledge are freely available on the black market for little more than pennies. This of course increases the risk even more as those with criminal intent are not necessarily required to know how to hack or to create sophisticated phishing attacks.

The Criticality for Network Security to remain Current

Innovation is something that goes hand in hand with IT; the new technologies that are continually emerging, and the way in which they are deployed. Cybercrime evolves at a similar pace. Every step forward creates a matching foot fall whereby cyber felons seek to exploit any weaknesses. The need for vigilance – to install new generation firewalls – and to stay constantly up to date with latest security patches that are available, has never been more critical.

It’s sad to say that despite the efforts of security research labs around the world, cybercrime remains a step ahead. Governments were relatively late to the party when it came to realising the threats that crime such as this represent, so it means that we’re constantly playing catch-up. A really good example of this is set out in Mark Bowden’s book WORM: The First Digital World War as it became clear that the Conficker worm had the power to take down the entire internet if it was to drop its payload (which it never did and the creator of the botnet has never been discovered).

The Overall Cost of Cybercrime

Whilst governments and organisations are now a lot wiser to the threats that exist, it’s somewhat too little too late as the cybercrime industry is now potentially worth more than the international drugs trade. For businesses, this means that securing your network properly is vital, as attacks come from various sources and this mean that it’s necessary for staff to be educated too.