SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
The guide to digital security in unstable times
Fri, 11th Sep 2020

It's no secret that attack landscapes have increased for organisations across industries all around the world owing to a variety of factors relating to the COVID-19 pandemic.

Due to the great shift to remote working and learning alone, there are myriad new challenges in the realm of digital security - a surge in usage of unsecured devices in the home, increasing eCommerce transactions, the need for organisations to migrate faster to digital solutions, and more.

Such an increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents - from the impersonation of the World Health Organisation in thousands of phishing campaigns to the state-based cyber attack on Australian governments and businesses in June.

And according to Varnish Software, one of the most effective ways to combat the perils of today's cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations.

Completing a thorough review of potential threats to sites and apps, both from an organisational and technical point of view, will almost certainly reveal that there are more threat vectors than expected.

And while it's not possible to control employee behaviours that open the door to attack, for example, there are detection and prevention steps to help guard against threats of all stripes.

Understanding threat vectors and access routes

Each access route has its own unique properties and characteristics, and as such, they will each have specific weaknesses vulnerable to exploitation.

For instance, the network access route is vulnerable to DDoS and eavesdropping threat vectors. DDoS can also be used to infiltrate the DNS/routing access route, which is additionally exposed to the DNS hijacking and cache poisoning threat vectors.

The well-documented authentication access route, of particular interest to credential thieves, can come under attack from phishing campaigns, data leaks, credential stuffing and session hijacking.

As one of the more wide-ranging access routes, applications are vulnerable to exploitation from API attacks, malware, man-in-the-middle attacks, injection attacks and cross-site request forgery.

Awareness of these various threat vectors as they relate to different access routes is the first step in the process of enacting proactive and effective cybersecurity measures. Hackers and bad actors have a lot to work with if they find an organisation which is not on the defensive. 

Shifting threats mean a shifting edge

The global cybersecurity industry is projected to grow from the US$173 billion it is today to a gigantic $270 billion by 2026 - courtesy, in no small way, of the surge in security incidents this year.

According to Varnish Software, most breaches (70%) originate at endpoints. It follows, then, that one of the best approaches to prevention is monitoring, detection and education - keeping employees from succumbing to phishing attacks and similar techniques.

Security concerns are shifting as rapidly as technology in general. But with cybersecurity specifically, many of these concerns are seen at the edge - especially as demand for high-performance content delivery pushes caching nodes to the edge.

The promise of edge computing - to enhance performance and reduce latency - is currently at odds with efforts to make cloud, mobile and IoT applications more secure. Organisations that invest in real-time visibility and monitoring tools will gain a lifeline when it comes to enriching performance, uptime and privacy.

Vigilance and visibility - the keys to combatting modern cyber-threats

Cloud, mobile and IoT are three of the most significant theatres of combat when it comes to edge security. Here are the key points for each:

Cloud

That cloud infrastructure has innumerable benefits is well-documented. Also well-known is the mammoth challenge of securing it.

For example, the benefits of multi-cloud models are many, but they also pose a challenge when security teams are charged with harmonising the security policies across multiple different platforms. Some platform vendors may also have shoddy security policies compared to others.

This could be why, according to Varnish Software, as many as half of all enterprises using cloud services have failed to implement any kind of cloud and container security.

Mobile

Endpoint security is perhaps nowhere more crucial than it is for mobile.

Traffic and behaviour monitoring must be employed in order to detect abnormalities and to tighten access control and authentication.

The ubiquity of mobile also doesn't help when it comes to endpoint security. Many users will grant broad and sweeping security permissions without knowing or understanding the risks involved in doing so - which can lead to widespread data leakage.

Unsecured WiFi connections are also a significant risk, opening vulnerabilities to network spoofing, while content sent over encrypted TLS connections on mobile networks (rather than WiFi) is delivered not only securely but faster than unencrypted connections.

IoT

One of the great security headaches of this age is the fact that many IoT devices are unsecured by default.

But because mobile networks are often seen as the connectivity of choice for IoT, mobile and IoT go hand in hand. This could pose the problems outlined above - but, as 5G technology rolls out, the potential for better security and bandwidth is strengthening.

Despite this, most IoT devices are still security afterthoughts, making them highly vulnerable to attack - especially as a gateway to access internal and previously segregated networks.

For this reason, IoT devices are particularly vulnerable to data leaks, botnets and human error. This could be exacerbated further by the fact that such devices will generate a lot more data, 24/7.

There are many tools to utilise with the goal of easing edge security concerns - including securing privacy, robust authentication and authorisation policies, and more.

But the first step is being aware of the threats.
