“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained, you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”—Sun Tzu
When it comes to protecting your company’s sensitive systems and data, do you truly know your enemy? Showy hacktivists, out for nothing more than a flashy outage and media attention, are the foes who most easily spring to mind, but they’re only the tip of the iceberg. The greatest threats to corporate network and data security are 1) those who seek to intrude undetected into your systems and 2) your accidentally careless and complacent employees who let them. These intruders are patient, they’re meticulous, and they’re eyeing what you have and are planning to get it, 24/7.
The demand is there
Why? Think of squirrels constantly attacking a bird feeder. They do it because the bird feeder is always there and because there’s a constant demand for what’s inside. The theft of trade secrets and intellectual property is a real threat, but most threats are about paychecks rather than espionage.
In the case of corporate data, there is a thriving black market on the Dark Web for stolen information. That underground trade is booming, with individual email addresses sometimes going for as much as $100 apiece! Other types of data, including credit card and bank account numbers or even individuals’ medical records, can go for much more.
So, attackers probe for vulnerabilities, which, more often than not, come from personnel, such as virtual workers, contractors, vendors, and employees elsewhere in your supply chain. Those vulnerabilities often involve poorly crafted passwords that give malicious parties easy access to networks, and those parties can quickly escalate their intrusions once they’re in your network.
Constantly evolving attacks
Unfortunately, these attacks, which are far more sophisticated than phishing schemes of the past, are constant, increasing in number, and increasingly successful. The threat landscape is constantly evolving, with new attack vectors emerging and being identified each year. Hackers’ tactics are evolving as well, as they focus on the weak links found in most security programs and make use of their own networks to share best practices, resources, and code.
Today’s cybercriminals use social engineering tactics, researching their targets before striking, so that they can use public information about the target, such as that found on LinkedIn or other social networking sites, to bait them into disclosing privileged information, such as log-in credentials.
In fact, 91 percent of cyberattacks now start with targeted phishing schemes. Such scams have resulted in breaches across all sectors, including education, retail, and even government. The criminals get in using spear-phished credentials or cleverly disguised malware, then compromise user computers and gain a foothold in organizations’ systems and networks.
The culprits behind the attacks
Who might be behind such attacks? It’s wise to look beyond the shady “hacker” stereotype. While “hacktivists” out to damage corporate reputations or simply wreak havoc are out there, there are even more serious threats to your company’s security. Those threats include corporate espionage in the form of industrial cyberspies hired by your competitors, foreign countries using your company’s resources as an access point for spying, and even organized criminal groups—all looking to steal corporate secrets or even change data inside your organization.
But don’t underestimate the impact of the non-malicious parties that become implicated in attacks. Employees, partners, contingent workers such as contractors and freelancers, and personnel within your extended supply chain can all be targeted and fall victim to a spear-phishing attack that ends in a breach of your systems. Even seemingly inconsequential inanimate objects, particularly Internet of Things–connected devices such as home appliances, medical devices, cameras, and cars, can provide the access point that attackers need unless proper security precautions are taken.
While technologies like multi-factor authentication are critical to mitigating today’s security risks, preventing an attack on your systems and data is not a simple matter of adding a discrete point solution or security technology. Cybersecurity is a holistic endeavor and demands as much knowledge of your enemies’ motivations and methods as it does of your own organization’s strengths and weaknesses.