This article originally appeared as part of Panther’s new Future of Cyber Attacks Series, which features interviews with cyber security experts, thought leaders, and practitioners with the goal of better understanding what organizations can do to prepare themselves for the future of cyberattacks.
The following is an interview with Morgan Hill, Director of Support, Cinch I.T.
How have cyber attacks evolved over the past 12 months?
Over the last 12-36 months, there has been a major split in the types of malicious attacks we’ve seen targeting businesses. While everyone anticipated an exponential increase in these attacks, the evolution into two predominant categories was something many support systems and security teams did not necessarily expect.
The primary type of targeted attack is automated script-based attacks initiated via email. This method remains the most active and growing, a trend almost certain to continue. These attacks are generally the easiest to spot and prevent. However, malicious actors employ a quantity versus quality approach in their attacks due to the ease of deployment.
While these attacks continue to target a massive audience, there has recently begun a trend of far more dedicated threat purveyors intelligently and actively targeting networks. These threats are far more dangerous as they are being enacted by a ruthless, and more importantly, patient, intelligence. Once the network or infrastructure has been actively analyzed and breached, the criminals do not immediately try to scam or send internal phishing attacks to company executives. Still, they can remain in the network silently for hours, days, or even weeks to determine the best way to exploit and benefit financially through in-depth analysis.
What lessons can we learn from the biggest cyber attacks in recent history?
Cybercriminals have been consistently evolving and improving their methods month over month. From the complexity of the attack vectors to advanced social engineering to the encryption methods and software they use, these criminals are always getting better at their practices and making them harder to defend. The biggest takeaway from recent experience is that businesses, vendors, and the government are struggling to keep pace with the rapidly changing landscape. Some of this comes from ignorance of the threats and their expansion. Still, other weaknesses come from a willful disregard for security measures and active upkeep due to a perceived loss of convenience.
Is multi-factor authentication an additional step that will form a habit? Most definitely. Yet, I and others familiar with the threat landscape at the moment will argue for its mandatory use in all possible situations due to it being worth the slight trade-off.
What will cyber attacks look like in the future?
The complex multi-pronged approach will evolve and become more common for increasingly smaller businesses and service providers, including MSPs. Complex social engineering attacks often combine with traditional network and system assault.
The future attacks will become more complex and dedicated as we are already seeing in the wild. They’ll begin with an information-gathering phase and a detailed plan of attack. Attacks will include which employees and systems in your organization are the most vulnerable or at risk. Then, hackers will work to exploit these weaknesses in a nearly undetectable method until they’re fully ready to strike where it causes the most damage, providing them the most profitable outcome.
What is your advice for organizations looking to get ahead of future cyber attacks?
There are many techniques and services involved here. I’ve narrowed them down below in my order of importance:
1) Two/Multi-Factor Authorization
Two-factor authentication is the first system I put in place and would recommend on all platforms. It can be for all users (scoped by location or VPN whenever possible). This protection will prevent many attack vectors and employee errors to a large degree.
2) Employee Training
Continual employee training and updates on the latest threats. This training can include many aspects, including but not limited to:
- Firstly: phishing simulations
- Secondly: Weekly or monthly training for new malicious trends
- Thirdly: Dark web scans for password breaches
Promoting good security habits is one of the best ways to identify a potential malicious event.
3) Critical System Patching
You should constantly monitor these critical systems:
- Firstly: Email servers
- Secondly: External-facing firewalls
- Thirdly: IIS or web servers
- Fourthly: Any connected IoT devices
Many systems see exploits becoming more common due to cybercriminals and ethical hacking teams. Installing the latest security patches is a good way to close these exploits on your systems. You should also retire older systems that are not in active use.
4) Advanced Email Protection Services
Many providers have email encryption and archiving services and advanced email threat protection services, which are becoming more robust. Employing protection services that look for spam or phishing emails and employ impersonation prevention, macro detection systems, and URL link scanning can greatly reduce the number of threatening emails reaching the end-users.
5) Regular Security Audits
After educating employees on detecting threats, protecting them via MFA, preventing them from receiving as many threats as possible, and protecting internet-facing system security flaws, the final component is all about the validation. At a minimum, a quarterly or annual security audit should include penetration testing. This audit is a great way to prove systems are up-to-date and employees are practicing good behaviors to keep your organization safe from cyber attacks.
About Cinch I.T.
Since 2004, Cinch I.T. has provided customer-focused I.T. services for businesses of all sizes. Whether you need a business continuity plan or complete I.T. compliance services, our computer support offers the fastest and friendliest service in the industry. Cinch is one of the nation’s fastest-growing I.T. support franchises with 11 locations across six states. To learn more about our computer support service, visit cinchit.com. For more information about I.T. franchise opportunities, visit cinchfranchise.com.