About a decade ago, controlling the room temperature with a smartphone was a dream. Today, we live in a reality where everyone and everything is powered by Internet-enabled devices. Welcome to the hyper-connected world, where devices have the capabilities to collect and process vast amounts of data to assist with decision-making.
In fact, according to Telsyte, by 2019 the average household will have around 24 internet-connected devices. Homes in Australia are becoming so connected that the country is projected to spend $3.2 billion on connected devices and services by the end of the decade. These connected devices are set to be part of an Internet of Things (IoT) ecosystem that will drive new business models, increase operational efficiency and fuel innovation, but which will also create new challenges.
In addition to generating data that will need to be transported, analysed and stored, each connected device creates new vulnerabilities for organisations. Hence, protecting the network perimeter at traditional points of entry is no longer sufficient with so many more devices to track. Each connected device and network transaction must also be secured to prevent security breaches, data loss, or compromised data.
With the evolution of technology, security threats have grown in sophistication, form and volume over the years. Cybercriminals are finding increasingly evasive ways to invade an organisation’s perimeter, so businesses need to be a few steps ahead to inspect every packet on their network and validate every entitlement for access.
The 2016 Dell Security Annual Threat Report has identified four key trends in security vulnerabilities that organisations must factor into their security strategies in 2016 and beyond:
Up and up: A marked increase in malware attacks
According to the Dell report, there were 8.19 billion malware attack attempts in 2015, nearly double the number for 2014. There were 73 percent more unique malware samples in 2015 compared to 2014, indicating that cybercriminals are serious about infiltrating organisational systems with malicious code. Perhaps in the near future malware may spread through any connected device, from the classic email spam to wearables, and even cars.
Exploit kits at your disposal
Exploit kits are toolkits loaded with malware that help cybercriminals penetrate organisations far and wide today. Such kits can be used to target security vulnerabilities that are so new they have not been patched, also called ‘zero-day’ vulnerabilities, and they feature new mechanisms that current security systems have yet to cover.
Android as a popular target?
With Android-based smartphones pulling ahead of iPhones at 54 percent share and about 80 percent of Australian customers comfortable with online or mobile banking, cybercriminals are more likely to focus on Android as a key target channel.
As with exploit kits, cybercriminals are developing new ways to deliver attacks. In fact, millions of Android users at one of Australia’s largest banks fell prey to a sophisticated malware attack earlier this year, when a virus presented a fake version of the login screen.
In November 2015, the Dell SonicWALL team also discovered an Android campaign created to steal credit card and banking-related information from infected devices. Many of the malicious packages used the official Google Play Store as a conduit to trick victims into entering their credit card information.
A spike in SSL/TLS encryption
HTTPS connections are popular as they can prevent eavesdropping or modification of Internet traffic. By Q4 of 2015, HTTPS Internet links (SSL/TLS) made up an average of 64.6 percent of all web connections. Unfortunately, HTTPS is not wholly secure.
Cybercriminals can leverage SSL/TLS to evade legacy security systems which may not detect the malware. In fact, one “malvertising” campaign in August 2015 redirected as many as 900 million Yahoo users to a site that had been infected by the Angler exploit kit.
While each of these four trends can be addressed individually, a holistic approach to security handles changes in the security landscape easily by deploying security measures that are both reactive and pre-emptive:
1. Conducting a comprehensive risk analysis to identify risks and needs.
2. Upgrading to a next generation firewall (NGFW) with integrated intrusion prevention services (IPS) and SSL-inspection.
3. Updating security policies to defend against a broader array of threat vectors, including establishing multiple defences to respond to both HTTP and HTTPS attacks.
4. Making sure all software is up to date. This protects organisations from older malware that has been neutralised.
5. Developing dedicated team resources that can respond to potential threats.
6. Working with reliable, compliant partners and reputed global security brands. Third-party vendors also comply with the security standards.
Security is everyone’s responsibility
With more connected and personalised mobile devices in the market, manufacturers are becoming more security-aware as the burden of delivering more protected and secured solutions increases proportionally. This burden also extends to individuals within the organisation. Businesses need to adopt comprehensive security practices to raise individuals’ awareness and provide ongoing training.
Enterprises should also provide regular training to staff members so that they are aware of the risks associated with social media platforms, social engineering, suspicious websites, downloads, and various spam and phishing scams. While the balancing act of having easy access to corporate data versus intransigent security measures continues to represent a significant challenge, well-thought-out corporate processes and procedures to counteract the security risks have become invaluable.
Further, as many such devices may be owned by the individuals, provisioning and management of the devices would likely present further complexities. For example, ensuring that users keep their devices updated from trusted sources would be a sensible but potentially difficult exercise for any organisation to execute. Partitioning devices for corporate versus personal use, as well as providing secure connectivity into the corporate network with users’ consent, would, however, alleviate such challenges.
In a hyper-connected landscape, staying ahead of evolving security risks requires an all-round effort. The new security approach must be multi-dimensional in order to cover all bases, involving governments, enterprises, manufacturers, vendors and end-users all working together to ensure that their devices and networks are secure.
Article by Sandeep Joshi, General Manager at DELL SonicWALL