New research released by cybersecurity company Trend Micro shows that hackers stepped up their efforts to exploit commercial networks in 2016. With a huge leap in the types of ransomware used and a flurry of business email compromise (BEC) attacks, cybersecurity is as important as ever.
Perhaps the most striking statistic is that the number of ransomware "families" spiked by more than 750 percent in 2016, meaning ransomware attacks – those in which a company's data is held hostage and returned only in exchange for payment – are becoming more varied and sophisticated.
"Ransomware attacks became more tenacious than ever," the February 28 report reads. "Organizations should therefore stay vigilant to avoid losing data and money, and experiencing significant system downtime. Multilayered security solutions that employ machine learning and cover gateways, endpoints, networks, and servers can help prevent ransomware infections."
According to the report, spam was the number one source of ransomware infections. On one hand, this should come as a relief to business owners, because it is relatively simple to educate employees about best practices when it comes to email security: Don't open suspicious or unexpected emails, don't click any links, and when in doubt always confirm with the sender that they indeed are trying to contact you via email.
These education-based strategies extend nicely to another growing threat: the BEC email scam. These attacks are generally carried out by hackers who have done some basic reconnaissance on your organization; they typically identify executives within your company and then do their best to impersonate them online.
Hackers often select a target within the organization and send an impostor email requesting some sensitive information or asking to initiate a wire transfer. Educate your staff to never divulge sensitive information without first confirming the authenticity of the sender, as well as to never click unfamiliar or unsolicited links embedded in emails.
Internet of Things devices present new vulnerabilities
Trend Micro's report also raises the specter of the growing threat posed to networks by vulnerabilities in Internet of Things (IoT) devices. The report references the recent "Mirai botnet" incident, in which roughly 100,000 IoT devices were leveraged for a massive distributed denial-of-service (DDoS) attack on Dyn servers. Those attacks led to large-scale disruption across sites hosted on the affected servers, and the threat has not disappeared.
As IoT devices become more commonly used by businesses, they create additional opportunities for hackers to exploit companies' networks. That means shoring up your cybersecurity today – and maintaining those best practices tomorrow – is increasingly critical.
"People tend to underestimate the threats IoT devices pose to the enterprise. There are both threats within the device itself, and also the threat of adding in another point of vulnerability that can be exploited within your organization," Andrew Hay, CISO at cybersecurity software company DataGravity, said. "The real problem is rooted in the amount of data hidden inside. You are providing another access point for someone to see your sensitive data, like driver’s licenses, IP addresses, names, emails and more."
Some of the impetus for IoT security also falls on manufacturers, who need to ensure that subsequent generations of IoT devices are more secure than the earlier iterations.
"Companies that design and manufacture Internet-connected devices cannot overlook basic privacy and cybersecurity procedures and protocols in the rush to roll out new products," said Heather Enlow-Novitsky, an attorney in the Columbus office of Vorys, Sater, Seymour and Pease who focuses on privacy and cybersecurity issues. "Companies must take steps to protect the privacy and security of data, as customers and regulators expect private information to be secure."
For the end user, that means recognizing the level of trust required before selecting a particular product. When it comes to IoT, the possibility of additional cyber threats should be top of mind. Still, selecting a secure product is only half the battle; wise cybersecurity practices are, as always, of the utmost importance.
"Unfortunately, there is no silver bullet here, but there are steps that can be taken," Stephanie Weagle, a vice president at Corero Network Security, said. "Organizations must have a specific focus on locking down their IoT assets. This includes selecting IoT products from reputable vendors who are committed to delivering secure products. Organizations must also perform regular firmware upgrades and audit IoT systems to ensure they are not compromised."
Staying proactive, she added, is the best policy.
"Waiting until an attack to determine countermeasures and a protection plan is not enough in face of DDoS attacks—including IoT driven botnets," Weagle said.