News & Updates

RBJ Viewpoint: Ransomware and cloud attacks expected to increase

Written by iV4 | Feb 18, 2020 2:16:03 PM

Caleb Freitas, iV4 Security Team Lead and Senior Security Consultant, shares his cybersecurity predictions and advice for businesses.

 

Published February 14, 2020

By: Caleb Freitas, iV4 Security Team Lead & Senior Security Consultant

On average, hackers attack every 29 seconds — that’s 2,244 times every day. And they’re not anywhere close to slowing down. That’s why businesses in Rochester — and around the globe — need to have a holistic cybersecurity strategy in place.

In 2020, the best thing a business can do is prepare. At iV4, we want to see more companies invest now — prepare now — instead of waiting to respond to a hack. Because the more a business does before a hacking attempt, the better off it’ll be if and when that day comes. The last thing you want to say about your business’ security is “could have, would have, should have.”

There are important cybersecurity trends for businesses to be aware of in 2020. Let’s take a look at them before you take a closer look at your current IT and cybersecurity strategy.

Ransomware is still evolving

Just like any business, attackers are looking for their highest return on investment. The ransomware we knew in 2019 has now evolved. New strains are taking full control of networks, stealing company data and compromising the ability for businesses to restore their backups. Some criminal organizations are even threatening to publish the sensitive stolen data to the public internet if the ransom isn’t paid.

These full-scale ransomware attacks make it far less likely that a company can recover critical information without paying the ransom. In addition to the potential costs of ransom and recovery, expanding privacy regulations, such as HIPAA, NY SHIELD, CCPA and GDPR, can result in costly data breach fines, as well.

Backups are a target

Cybercriminals thrive on two common weakness: The majority of companies don’t fully secure their backups and they don’t often know where their sensitive data resides. Backups are the new attack vector for cybercriminals because they are the primary way to counteract a ransomware attack and return the organization to a known good state. Without the ability to recover, the cybercriminals control the attack and your data.

At iV4, we make sure companies not only have backups in place, but that they are properly secured and regularly tested to ensure that a timely recovery is possible.

Cloud native attacks

Most people think of hacking as a person accessing a single computer or network. But in 2020, we’re predicting — and starting to see as a trend — cloud native attacks. That means if you’re using a cloud service, such as Azure, AWS, Office 365, Dropbox or any other online application, hackers don’t have to be on your network or computer to access and compromise your data.

Instead, they compromise either your login information or cloud misconfigurations, allowing them to damage, delete, copy and hold for ransom data stored in the cloud. Most commonly, this happens through a social engineering attempt — or false request for credentials. In 2020, IT directors can’t afford to think about only on-premises security. Protecting your data now needs to include every cloud app your company users use.

Traditional on-premises tools, like firewalls and anti-virus, simply won’t protect a business from these types of attacks. Instead, companies need to secure online accounts by promoting a single identity across all cloud apps and adopt strategies that eliminate users using cloud apps that are not managed by the IT department. Business IT and security teams also need to be well versed in securing the configuration of cloud services, such as Azure and AWS, to ensure that a misconfiguration does not leave them vulnerable.

Privacy and industry regulation changes

Various privacy and industry regulation changes are coming, and some are already here. In terms of privacy, New York SHIELD Act security program requirements go into effect this March, and the California Consumer Privacy Act became effective Jan. 1.

For industry regulations, there will be expanded requirements for companies that handle credit card information. Companies that handle sensitive government information will see a cybersecurity certification requirement that’s on the horizon. In 2020, we expect to see privacy and industry regulations become even more prominent, meaning they’ll be top of mind for company boards and leadership.

At iV4, we’re working with a variety of companies to continually prepare them for upcoming regulatory changes — but we’re seeing a lot of companies that aren’t ready. They serve as a good reminder that it’s important for businesses to keep up with regulation changes, expand compliance and build an overall security program that allows your company to easily comply with and undergo an audit.

Global view and nation-state attacks

Like cloud native attacks, we’re expecting more cybersecurity conflicts with other countries in 2020. Being an election year, we’ll see more publicized activity of different nation-states trying to gain information and control of U.S. technology assets. But not all nation-state sponsored attacks are politically motivated or targeted at elections. More often, these attacks target our critical infrastructure, manufacturing industries, municipalities and business of all sizes. In the past year, the Department of Homeland Security has published multiple bulletins alerting U.S. businesses to increased cyber-attack activities from various nation-state sponsored attackers in Russia, Iran, China and other countries.

What businesses can do

At the end of the day, attackers are becoming more advanced. They’re smarter and faster — and they aren’t the teenagers you see in movies, hacking a system from a laptop in the basement. Today’s hackers are often state-sponsored and financially or politically motivated to target businesses of all sizes, from 10 employees to 10,000. No one is safe.

The good news is, there’s one big thing your business can do to protect itself: Prepare for an attack. By taking steps right now, working on security policies and procedures, and addressing new trends and predictions, your business will be in the best possible position to prevent, contain and recover from an attack.

The cost of remediation is much higher than the cost of protection.

 

Caleb Freitas is the Cyber Security Team Lead at iV4 and has been in the industry since he was 16. He is responsible for managing and leading the incident response team at iV4. Last month, he attended an international cybersecurity training conference in Israel. Caleb was featured as a Rochester Business Journal Fast Start on Dec. 13, 2019.