As organisations transition towards more digital integration, the scope of cyber security is expanding and shifting towards ‘cyber safety’ in a much broader sense. The familiar concept of CIA (confidentiality, integrity, availability) does not meet the new requirements of ensuring the safety of an organisation’s broadened business ecosystem and customers.
Over the past year, we have seen an increase in cross-over threats that compromise organisations’ and individuals’ privacy, security and safety. With the rapid adoption of interconnected things from home appliances and cars to medical devices, we expect a great increase in data privacy breaches, fraud and identity theft, cyber extortion and espionage.
At CyNation, we believe that the threat landscape in 2017 and 2018 will revolve around smart-phones and mobile devices, internet of things, the cloud and IT infrastructure.
Smart-phones are an increasingly attractive target for online criminals. As a result, attacks are becoming more sophisticated and effective in stealing valuable personal data or extorting money from victims. Although Android users remain the main target, iOS devices experienced effective attacks in which devices did not even need to be jail-broken to be compromised.
According to IDC’s Worldwide Quarterly Mobile Phone Tracker (July 28, 2016), there are more than 1.6 billion smart-phones being used around the world today. This number is forecast to reach 6.4 billion by 2020 according to Samsung and Ericsson.
Such rapid adoption, coupled with enhanced processing power, high-bandwidth connectivity (4G and 5G) and mobile payment systems such as Apple Pay, Samsung Pay and Android Pay, is making smart-phones an attractive target for cyber criminals.
As a result, the number of mobile phone vulnerabilities has increased dramatically by at least 200 per cent in the past couple of years.
With many app stores accessible from desktops and laptops, users are able to browse, purchase, and remotely install apps. This provides a unique opportunity for crossover threats. Several pieces of malware have already exploited this by stealing browser cookies for Google Play sessions from the infected computer and using the user’s credentials to impersonate the user and remotely install apps onto the victim’s phones and tablets without their knowledge or consent.
Besides the usual trick of hiding malicious code inside allegedly legitimate apps, attackers are developing more sophisticated techniques to make money from their victims. One technique we have recently seen is the use of a phishing Trojan. It tricks users into entering their banking credentials through the pop-up of a fake login page or payment form on top of a legitimate banking or shopping application.
Similarly, mobile ransomware is getting more convincing by using an operating system’s design or an authority’s logos to intimidate the user and lure them into paying their fine or subscription to unlock their device.
We usually recommend that organisations and individuals:
The internet of things has arrived. Even though it is in its early days, we can see the impact it will have on our lives and the environment: smart devices and wearables download updates from the internet; point-of-sale terminals in shops are connected 24/7 to the company’s central system; smart thermostats allow us to control the temperature in our homes through the internet; and connected and driverless cars are already roaming our cities’ streets.
With billions of people connected to the internet today and the number of connected devices expected to exceed 21 billion by 2020 (Gartner Inc., press release, November 10, 2015), the internet of things represents a major transformation in the digital world.
In order for it to deliver the estimated two trillion USD economic benefit, manufacturers, designers and users have to address fundamental cyber security challenges. Devices that were not meant to be internet-enabled are now online and potentially open to attack.
Without efficient security measures, these present an increasingly attractive target to attackers who look for easy targets and entry points to our homes and businesses – our private and professional lives.
As with all cyber security threats, some are more dangerous than others. A hacked fitness monitor may be an inconvenience, whilst a vulnerability in millions of cars will present serious danger. Similarly, a backdoor in a medical device may give thieves access to a person’s medical records (a data confidentiality breach), but it also has the potential to lead to serious injury or even death.
Taking all these factors into consideration, protecting the internet of things and ensuring the physical safety of its users requires a comprehensive and proactive approach to cyber security. If we couple this with security and privacy by design, meaning safety is built into devices themselves, their underlying infrastructure and the systems that manage them, we can reach cyber safety.
We’d always recommend that organisations:
Cyber security affects us all. Just as bacteria and viruses surround us and are not going to miraculously go away, vulnerabilities are a part of our computing environment. They are here to stay – like it or not – albeit in ever-changing forms and manifestations. A careless approach to monitoring and updating our systems will be a major cause of malware infections and cyber-attacks.
With organisations moving their IT infrastructure and systems to virtual and cloud hosted environments, visibility and control of systems are being reduced and entirely entrusted to third party service providers. As a result, the complexity of protecting businesses’ infrastructure and systems will increase and bring new cyber security challenges to the organisation and its stakeholders.
This doesn’t mean the cloud and virtual environments are less secure than traditional IT services. However, as with any system, each time a new layer is introduced to a service stack, the attack surface increases. For example, poorly configured and administered virtual environments can allow attackers to escape from a guest virtual machine (VM) and access the native host’s operating system, alongside other VMs running on the same platform.
Attackers exploiting such vulnerabilities can steal sensitive data of any of the virtual machines in the affected system and gain elevated access to the host’s local network and systems. Other trends we’ve seen over the past two years, mostly as a result of poorly-managed security of cloud environments, are ghostware and two-faced malware.
In view of these threats, we recommend that organisations:
This article was originally published here and was reposted with permission.