What Did 2018 Teach Us About Cyber Security?
Cyberattacks in 2018 ran the gamut. We saw threats hiding out in compromised systems to steal computing power and information, and we saw them on an international stage, taking down the opening ceremony of the Olympic Games.
Some of last year’s most impactful cyber threats, as outlined in Cisco’s February 2019 Threat Report, offer us a glimpse into a future where technology offers significant benefits and convenience, but also significant dangers. Those dangers infiltrated daily life around the world and proved how important it is, especially for federal agencies, to be vigilant with a layered security approach.
The threat report examined five of 2018’s biggest stories in cyber security, highlighting threats that researchers believe could strike again. The report is worth a thorough read, but here are three key takeaways to understand going forward.
- The threat landscape shifts quickly and unpredictably.
In 2018 we saw “unholy alliances” between competing actors that ended up working together to distribute malware and attack devices. We also saw the surge of cryptomining, threats that corresponded with a massive boom in the cryptocurrency market – but didn’t necessarily disappear once the market crashed.
If there’s any foundational concern that emerged in 2018, it’s the danger of modular threats that can be tailored to the infected device and offer a range of attacks. These modular threats can be delivered in numerous ways – including through “old-fashioned” email campaigns as well as via newer distribution networks – and can do anything from exfiltrating data to stealing banking information to purely wreaking havoc.
How do you secure your network and your devices against such amorphous threats? Like protecting yourself from cold weather, it’s best to layer up. Cisco’s suite of tools, which guard systems from the end point to firewall and beyond, offer a unified security architecture that can help steel defenses in a rapidly evolving threat landscape.
- The Internet of Things (IoT) will only become more of a target.
Do you remember the stories about panicked parents hearing voices over their baby monitor? It’s a terrifying premise: an unknown malicious actor gaining access to what’s most precious and vulnerable in anyone’s life.
Government networks face similar threats every day. As we continue to connect more devices online, the trend of infiltrating systems through these endpoints won’t slow down anytime soon. Cyber adversaries will continue to prey on network vulnerabilities presented by infinite end points.
In 2018 the VPNFilter threat compromised at least half a million routers and devices throughout 54 countries. The attacks exfiltrated sensitive data and highlighted the numerous ways IoT devices could be exploited, including the ability to steal credentials, carry out distributed denial-of-service attacks and spread malware to other networks.
VPNFilter largely has been neutralized, but the dangers remain as more devices become connected – and as users continue to fail to patch vulnerabilities and understand the threat.
- Increased complexity in widely used technology spurs increasingly sophisticated threats.
Whether it’s your agency’s mobile device management system running employees’ phones, tablets and computers, or a hyper-connected Olympic opening ceremony streaming into billions of living rooms globally, we’re incorporating more of the cutting edge into our lives every day. Unfortunately, it’s a double-edged sword.
The promise of unfettered access to huge swaths of people and mass quantities personal information is an unmatched opportunity for malicious actors. That access is provided all too easily by increasingly simple-to-use, pervasive technologies that make lives easier and connect people, but also introduce weaknesses.
Cyber criminals clearly are exploiting the rising number of internet-connected devices to deliver a growing arsenal of threats. But awareness is half the battle given the fact that so many of these threats are introduced via email and other securable vulnerabilities.
Luckily, advances in technology have another benefit: better security tools. By employing an integrated approach that layers of state-of-the-art protections – and understanding the threat landscape – cyber security doesn’t have to be a losing battle.
Iron Bow has the talent and experience to help federal agencies understand the latest threats and what solutions can mitigate those risks.
For more information about how Iron Bow can help protect your systems, visit our cyber security webpage.
TechSource in your Inbox
Sign-up here to receive our latest posts by email.