Cybersecurity Threats to Watch Out for in 2020
By Victoria C

Cybersecurity threats continue to evolve over the years. Attackers are constantly looking for new exploits and strategies to defraud and damage companies. As a result, the spending and costs for affected organisations continue to increase. According to Cybersecurity Ventures, the damage related to cybercrime is projected to hit $6 trillion annually by 2021.
At Farfetch, we have a Cybersecurity team dedicated to keeping our users and company information safe and secure online. Here are some of the top cybersecurity threats to look out for and some ways to mitigate them:
1) Phishing/Social Engineering Attacks
Phishing attacks are a kind of social engineering attack where a fraudulent process is used to elicit sensitive information like usernames, passwords and personal details.
Some Mitigating Controls:
- Provide training to employees so they can recognize a phishing attempt;
- Adopt least-privilege access control, limiting the access of each user to the bare minimum needed to fulfil their role;
- Use anti-phishing solutions to detect falsified emails; and
- Create an effective incident response procedure.
2) Internet of Things (IoT) Based Attacks
IoT continues to create a security blind spot where cybercriminals can launch a zero-day attack to compromise devices such as webcams, smart TVs, routers, printers, and even smart homes. Cybercriminals specifically target these devices, as they are often overlooked when it comes to applying security patches - making them easier to compromise.
Some Mitigating Controls:
- Audit all internet-connected devices on your network, their dependencies and what operating systems they run;
- Keep the firmware for these devices up to date;
- Ensure available firmware updates are installed on all applicable devices; and
- Take a risk-based approach to assessing how each device impacts the complexity and cost of implementing security protocols.
3) Ransomware
Ransomware is a type of malicious software designed to block access to computer systems, files or documents, making them inaccessible until a sum of money is paid. It involves infecting a victim’s systems with a piece of malware that encrypts all their data.
Some Mitigating Controls:
- Use strong perimeter security, such as firewalls, to prevent malware from being uploaded;
- Install antivirus programs that can scan email attachments for encryption malware; and
- Implement a business continuity/disaster recovery plan that includes an offsite backup of the most important business data.
4) Internal Attacks
Insider threats are still among the biggest cybersecurity concerns as they originate within the targeted organisation.
Inside access makes it possible to inflict great harm if the insider chooses to abuse their access privileges for personal gain. Alternatively, they may be targeted by social engineering and accidentally allow their accounts to be compromised by attackers.
Some Mitigating Controls:
- Review your starters, leavers and movers process to ensure it meets industry best practices;
- Change user credentials once compromised;
- Adopt least-privilege access control, limiting the access of each user to the bare minimum needed to fulfil their role; and
- Depending on the type of compromise, consider revoking access privileges (e.g. admin, super admin etc.).
5) Unpatched Security Vulnerabilities and Bugs
Hackers will exploit known security bugs that have readily available fixes. However, very few organisations will apply these security updates/patches to vulnerable software.
A security vulnerability (or security bug) is an unintentional glitch or programming flaw in computer software or an operating system.
Some Mitigating Controls:
- Create and maintain a rigorous patching schedule and audit;
- Carry out regular and scheduled penetration tests and vulnerability scans. (Vulnerability scans alert on pre-existing flaws. Penetration tests attempt to exploit the vulnerabilities in a system to determine whether unauthorized access or other malicious activity is possible, identifying which flaws pose a threat to the application.);
- Use a risk-based approach to patch reported vulnerabilities; and
- Consider replacing unsupported software programs.
6) Distributed Denial-of-Service (DDoS) Attacks
Distributed Denial-of-Service attacks target websites and online services. Their aim is to overwhelm these services with more traffic than the server or network can accommodate, rendering the website or service inoperable.
The ability of DDoS attacks to paralyze operations for businesses of any size alone makes them a credible threat. However, that’s not the only reason these cyberattacks are considered highly dangerous. DDoS attacks are often a catalyst for other breaches already in progress.
Some Mitigating Controls:
Countermeasures for a DDoS attack can vary depending on the methodology of the attack.
- Whitelist and blacklist IP addresses;
- Implement a business continuity/disaster recovery plan; and
- Change default passwords.
Several components give rise to cybersecurity threats, which is why we need to be critical and judicious when evaluating new technologies and their potential threats and vulnerabilities.
It is important to understand that all technologies are inherently limited and inherently vulnerable, and that every step forward is going to unlock new possibilities, both good and bad. It is equally important to hold our administrators and engineers to high standards, but not unrealistically so.
Remember: The more secure the technology is, the longer it takes to break the security, and thus the greater the chances of any attack being detected.