Alfredo Vistola, Senior Security Solutions Architect, F5 Networks, highlights the top security threats freaking everyone out this Halloween.
Global business leaders are breaking out in cold sweats at the many and mutating cyber-threats creeping into view. Everywhere you look, stolen data, hidden crime and horrifying attacks are all keeping executives awake at night.
As we apprehensively tiptoe towards Halloween, Gartner is predicting that global information security products and services spending will rise 7% this year to hit $86.4 billion, reaching $93 billion in 2018.
2017 is one of the most challenging cybersecurity years on record, yet many organisations still lack the wherewithal to properly tame or exorcise their IT demons. Although tempting, now is not the time to hide under the covers. We need to stand up and confront fear head on, alchemise terror and get into the spirit of opportunity.
The cloud can be an apparitional shape-shifting mess if handled incorrectly. The certainty of network security perimeters is long gone, and applications are now where data is at its most vital, accessible and vulnerable.
An effective cloud architecture strategy increases business agility and provides flexibility to scale based on shifting hardware, software and on-demand requirements. It entails gaining strong intelligence on network traffic via solutions like Web Application Firewalls (WAF) with extensive functionality. Risk must be mitigated via dynamic, centralised and adaptive access control and cloud federation for all applications, wherever they reside. Security policies need to follow apps to secure user authentication and protect against fraudulent activities, irrespective of location or device. Next-generation DDoS solutions must shield against the most aggressive ghoulish gyre and targeted attacks. The right approach is a comprehensive multi-cloud solution that drives innovation and adds customer value.
For the uninitiated and unprepared, the General Data Protection Regulation (GDPR) is already a recurring nightmare. On 25th May 2018, organisations conducting business across Europe or wishing to engage with EU customers must notify regulators within 72 hours of a data breach impacting employees or customers.
GDPR disclosures must describe the nature of the breach, the number of data sets compromised, contact information of directors responsible and any ameliorative measures. Potential fines could be up to 4% of global revenues or €20 million, whichever is greater.
Earlier this year an F5-commissioned data privacy survey among 3,000 consumers across EMEA highlighted significant levels of confusion, apprehension, and mistrust over organisations’ abilities to keep credentials safe. Over two thirds (67%) of respondents said that sharing third-party data without consent would qualify as “misuse” when asked about GDPR concerns. Furthermore, consumers believed that banks (77%), followed by healthcare (71%), and public sector and government (74%) needed to field better authentication capabilities. Across EMEA, 88% of consumers felt strongly that organisations should improve authentication to improve security.
Businesses should now be deep into a risk-based preparatory strategy, including implementing secure procedures and controls to protect sensitive information. They should also try to ditch the dread. Disruption may be looming but, if handled correctly, organisations can tap into new markets knowing that they are compliant and demonstrate to customers they have the necessary security controls in place to safeguard vital data.
Things that go bump in the night
In its latest Threat Intelligence Report, F5 Labs indicates that Europe is a growing hotspot for potential Thingbots, which are built exclusively from IoT devices and are fast becoming the cyberweapon delivery system of choice for today’s botnet-building attackers.
According to F5 Labs, 30.6 million IoT brute force attacks were launched globally between 1st January and 30th June, harnessing devices using Telnet, a network protocol providing a command line interface for communicating with a device. This represents a 280% increase from the previous reporting period of 1st July to 31st December 2016.
Mirai and Persirai are currently the most diabolical Thingbots on the map. Mirai gained notoriety for commandeering hundreds of thousands of IoT devices (mainly CCTV, routers, and DVRs) in September 2016. Persirai is an adaptation of Mirai, sharing code as well as command and control (C&C) servers to target more than 1000 different IP camera models. According to the F5 Labs Threat Intelligence Report, 600,000 hosts were infected as of 30th June 2017. While undoubtedly widespread and significant, the attacks so far do not align with the deadly duo’s true scale, indicating that new threats are forthcoming as bad actors move from “recon” to “build only” phases before resuming battle.
Clearly, massive Thingbots will continue being built until IoT manufacturers are forced to secure relevant devices, recall products, or bow to pressure from buyers who simply refuse to purchase vulnerable devices. In the meantime, responsible organisations can protect themselves by having a DDoS strategy and solution in place, ensuring redundancy for critical services. They should also implement security solutions to protect the applications themselves, as well as against credential stealing and credential stuffing, and substantively educate employees about the main dangers.
Where did everyone go?
If the above risks still chill you to the bone, consider that there remains a distinct lack of experts capable of adequately managing the threat landscape and warding off all those automated monsters.
Cisco estimates there are a million unfilled cybersecurity jobs worldwide, and the shortfall will only get more pronounced. F5’s State of Application Delivery (SoAD) Report recently flagged that 34% of surveyed customers consider the “skills gap” a significant security challenge.
An integrated cloud strategy, therefore, will get the best from existing talent and align key department functions, such as DevOps and NetOps teams, to prioritise “the right things” within IT. Nevertheless, there are still notable gaps. The F5-commissioned survey found that the DevOps and NetOps disconnect still results in the use of multiple cloud solutions and providers across IT (cloud sprawl), further complicating the process of delivering, deploying, automating and scaling applications that support digital transformation efforts and are secure.
A scarcity of cybersecurity experts calls for urgent attention and only a robust combination of investment, business resource, political will and cultural change can create the defensive army we all need.
So, whether you’re bobbing for bots or trying to avoid being tricked or mistreated, make sure your business is not haunted by poor data security practices this Halloween. Sweet dreams, everyone. Stay safe out there.