It often seems there is no end to the fight against malware, threat actors, and viruses, and the truth is, there isn’t an end in sight.
Not a cheery way to start a blog, I know.
As strong as your security posture may be, the most determined threat actors will continue creating new and innovative ways to compromise your network.
There are no holds barred in the cybersecurity space. Nothing is sacred, and no matter what industry you find yourself in, you (and your organization) are a target.
Research from the 2018 Global Threat Intelligence Report (GTIR) found that between 2016 and 2017, ransomware detections skyrocketed 350% in a single year.
But the question is, “why?”
Are detection technologies getting better? Are threat actors leveraging ransomware more often in their attacks? Are negligent and accidental insider threats becoming more common?
The answer to the above questions is an emphatic YES!
Unsurprisingly, threat actors are becoming increasingly clever in their attacks, continuously evolving to combat even your toughest, most up-to-date defenses.
The important thing to understand here is that threat actors want it to be as easy as possible to achieve their goal.
This is not to say they aren’t willing to put in long hours and late nights to compromise your network, but given the choice, they will take the easiest path – always.
This explains the tremendous rise in cryptojacking, as detections for cryptojacking continue to trend upward.
As if that weren’t bad enough, entire nations employ their own level of sophistication to the ever-present cybersecurity threat.
The U.S. CERT released a Technical Advisory just a few short weeks ago, detailing Russia’s nation-state-sponsored hacking campaign targeting network infrastructure.
But you’re only at risk for being attacked from Russia state-sponsored threat actors if your network environment has routers, switches, firewalls, network-based intrusion detection systems, etc. (I’ll go out on a limb here and say this list encompasses pretty much every single one of you reading this.)
Luckily, you don’t have to worry about third-party vendors, as your supply chain is 100% secure, right? Actually, your supply chain likely has gaping holes in its security, as one researcher pointed out in the GTIC Monthly Threat Report from April of this year.
The short explanation as to why your supply chain is vulnerable to attack is simple: it’s because these attacks are effective.
Remember what I said earlier about threat actors taking the easiest path to success? Supply chain attacks are yet another perfect example of this fact.
For instance, if you’re a mobile device manufacturer, threat actors needn’t bother themselves with hacking individual devices if those same threat actors can successfully compromise one or more elements of your supply chain and that of your competitors.
The reality is that it’s not pretty, and cybersecurity is indeed a battlefield of epic proportions.
Remember – threat actors, hackers, cybercriminals – they’re all looking for the easiest path to success, and your job is to make that path as difficult as possible for them to traverse.
For more on these topics, check out the April 2018 GTIC Monthly Threat Report.