As security threats evolve and adapt, so, too, must organizations’ response to them
Infosec spending is on track to reach $124 billion this year. According to research firm Gartner, this marks an 8.7% increase from 2018 as organizations look to solve detection, response and privacy challenges across corporate and cloud-based networks.
Despite big(ger) budgets, however, attacks aren’t slowing down: As noted by Infosecurity Magazine, 90% of critical infrastructure providers say their IT/OT environments have come under attack in the past two years, and Forbes points out that while the total number of businesses reporting a cyberattack dropped last year from 43% to 32%, many organizations are now targeted month after month by persistent hackers.
The hard truth? Malicious actors aren’t resting on their laurels; even as security researchers adapt to current threats, attackers are selecting for code behaviors that benefit their bottom line.
Environmental Adaptation of Threats
Hackers are adapting to their environment, creating tools and workarounds that both exploit existing vulnerabilities and leverage new weaknesses to compromise personal and business networks.
For example, attackers are shifting away from ransomware deployments—which both provoke enterprise frustration and engage security defenses—to cryptojacking solutions that allow them to mine cryptocurrency using background processes. In many cases, organizations don’t know they’ve been compromised until IT analyzes detailed resource usage and traffic logs.
Constantly expanding internet of things (IoT) networks represent another adaptive threat. While these devices offer enhanced functionality, ZDNet notes that maintenance and management are often low-priority considerations, opening the door for IoT exploitation. Also a concern? Attackers taking a page from cloud-based solutions to offer “malware-as-a-service” solutions that sell modular components to hackers of all skill levels on the black market. Recent cybersecurity predictions point to increased as-a-service support this year as high-level hackers develop new attack vectors but offload the risk to lower-skilled buyers.
At the far edge of evolution are new pieces of malware such as the one developed by researchers at the Ben-Gurion University Cyber Security Research Center in Israel. According to The Washington Post, this new code can compromise medical scanners and compel them to “automatically add realistic, malignant-seeming growths to CT or MRI scans.”
One Step Forward …
Cyberthreat evolution isn’t a unidirectional process; just as hackers look to the future for ways to compromise critical networks, they’re also looking back for techniques that still pay dividends.
Consider phishing attacks. While thousands of blogs, white papers and surveys have been dedicated to understanding and eradicating this email-based threat vector, recent Proofpoint data shows that it’s alive and well—83% of infosec professionals reported phishing attacks in 2018, and corporate credential phishing attacks saw a 4x increase from Q2 to Q3 2018. Here, it makes sense for hackers to hold the course: Given the ubiquity of corporate email use and the relative ease of social engineering, phishing remains a high-yield, low-risk scenario.
Also making the rounds? DNS hijacking, a well-known technique that’s been problematic for more than a decade. As noted by ASPI, while security standards such as DNSSEC can significantly reduce the risk of domain hijacking, less than 20% of large-scale websites and networks have adopted this defensive mechanism, leading to “glacial” security evolution—and a great opportunity for attackers.
Nature and Nurture in Threat Detection
With hackers looking forward and back to select best-fit attack characteristics, how do organizations develop an effective defense? By both deploying native security solutions and nurturing in-house infosec ability.
As noted by Information Age, the evolving nature of cyberthreats demands more than a supposedly impenetrable, digital Maginot Line across network perimeters. Instead, organizations must look to cloud-native, adaptive security deployments that can obfuscate application code, detect unexpected runtime events and take autonomous action to remediate issues before notifying IT pros.
But that’s only half the battle: With more than 300,000 open infosec jobs thanks to the widening IT skills gap, organizations must nurture existing talent and consider recruiting “new collar” professionals with an aptitude for IT security. The common denominator? Essential security certifications such as CEH, Security+, CISM and CISSP from reputable providers give technology pros the combination of hands-on training and technical knowledge they need to even the IT playing field.
Staying the Course
Evolving threats now leverage emerging trends and exploit existing weaknesses to breach corporate networks. But it’s not all bad news. By selecting for a nature/nurture approach to cybersecurity, companies can both adapt and overcome.