Home Surveying the cyber threat landscape: 5 risks for your company today
Local

Surveying the cyber threat landscape: 5 risks for your company today

Contributors
cyber crime
(© daviles – stock.adobe.com)

Is your company vulnerable to cyber threats? The answer is almost certainly “yes.”

This is not because of any shortcoming on your end, although there’s surely more you can do to protect yourself from digital harm. Your organization is vulnerable to cyber threats because those threats are increasingly numerous, sophisticated, and difficult to detect.

One only need look at recent data intrusions involving firms like Asiaciti Trust and Il Shin — global fiduciaries caught up in a massive unauthorized data release in 2021. Or to smaller-scale ransomware attacks affecting key pillars of the economy, like Colonial Pipeline. Or to everyday identity theft, which affects millions of individuals and companies each year.

You have an obligation to your stakeholders to periodically review the cyber threat landscape and determine where your greatest vulnerabilities lie. Start with these persistent and potentially devastating perils.

1. Targeted spearphishing campaigns (email and social media threats)

 

Spearphishing isn’t just phishing by another name. It’s far more sophisticated and targeted. It’s capable of ensnaring even the most skeptical users — people you’d never expect to fall victim to a known cyber security risk.

Spearphishing typically occurs through email or social media. The best defense is a strong spam filter, a tight network, and strict protocols for disseminating sensitive information such as account numbers and access credentials.

2. Ransomware attacks

Ransomware is responsible for some of the highest-profile cyber security lapses of the past five years. The typical attack is straightforward: The bad guys use a malicious link or other delivery vector to load malware onto the victim’s system; the system is then locked unless the victim pays a ransom.

Even if the ransom is paid, there’s no guarantee that the affected data will be recoverable or usable. So the best defense is prevention — strong firewalls, up-to-date anti-malware, and strict internal data protection protocols.

3. Insider threats (data theft with permission)

Sophisticated digital threats are often difficult to pinpoint. Sometimes, it’s not even possible to conclude that an intrusion has occurred, despite circumstantial evidence (such as subsequent data releases). The far-reaching data incident that touched Il Shin and Asiaciti Trust left few traces, for example, to the point that some affected organizations were unable to define the extent of their exposure.

However, one type of threat is usually detectable, or at least possible to rule out: data theft by insiders. This is because insiders typically use their own credentials (or credentials provided by another insider) to access sensitive systems and data. In so doing, they leave a record for future investigators.

That doesn’t mean insider threats are easy to counter. On the contrary, it’s very difficult to stop a motivated insider — whose access has already been authorized — from doing harm.

4. Distributed Denial of Service Attacks (DDoS)

DDoS attacks are also known as brute-force attacks. This is a good way to think about them, as they rely on countless “zombie” machines or clones to overwhelm a website or server. If successful, DDoS attacks knock victims’ systems or websites offline until the attack subsides, which can take hours or even days.

Preventing DDoS attacks is difficult for firms that don’t control their own servers. Web hosting companies are frequent victims of such attacks and can cause considerable collateral damage when they’re taken offline. And because the motivations of DDoS attackers are often not economic but political or simply “just because,” it’s impossible to reason with them or buy them off (as is usually the case with ransomware attackers).

5. Zero-day exploits

Zero-day exploits take advantage of known hardware or platform flaws that allow intruders to access victims’ devices or systems. Although they can be patched, they’re often not discovered until it’s too late. Sophisticated threat actors’ use of zero-day exploits is often difficult to determine beyond a reasonable doubt as well, as there’s plenty of opportunity to conceal the intrusion.

Stay one step ahead of the threat

Managing cyber risk is a full-time job. Actually, it’s a full-team job. Larger organizations continue to add internal cyber security talent even as they work with outside vendors — enterprise-grade anti-malware providers, digital forensics investigators — as needed.

If your organization isn’t in such a position, you must do what you can with what you have. Anticipating the threats on this list is a good start; they deserve your attention and resources.

And it’s important to plan for the worst-case scenario too. From Asiaciti Trust to Colonial Pipeline, the importance of resilience following a data incident has never been clearer. You have control over how you respond — and how you move on.

Story by Erika Warren

Contributors

Contributors

Have a guest column, letter to the editor, story idea or a news tip? Email editor Chris Graham at [email protected]. Subscribe to AFP podcasts on Apple PodcastsSpotifyPandora and YouTube.