With the threats we are facing and the sophisticated hacker’s ability to break through defenses, detection becomes a critical component of all security infrastructures.  What do we need to be looking out for?

While not new, ransomware is on the rise and was proven to be one of the biggest challenges of 2016 – and will only increase in 2017. Email and malvertising containing malicious malware have been the primary launch vectors for ransomware although there appears to be an increase in network and server-side vulnerabilities that are involved in the exploits. The motivation behind these attacks is not to steal data but to encrypt your data until a ransom has been paid. This attack has been not only profitable for the attackers but is so successful that they increasingly refuse to unlock the data and demand more ransom. When data has been unencrypted it is hard to recover 100% and there is no guarantee of the data integrity. There is also a high incidence of reinfection.

Vendors have paid closer attention to fixing vulnerabilities quickly but there can be a lag time between the issuance of a fix and the time it is patched on a system. Unpatched vulnerabilities and outdated systems are a major attack vector for hackers to use social engineering, malware exploit kits, ransomware, and more, to achieve their goals.

Exploit kits attackers are widely available to anyone with intent who can then easily compromise systems through pdf files and Flash content and launch attacks.  According to Cisco, using the Nuclear exploit kit, Flash accounted for 80 percent of successful exploit attempts. In addition, server-based campaigns are also on the rise because of their profitability, similar to ransomware.

It has been said and continues to be true that your employees are your weakest link. The insider threat can include sabotage, theft, espionage, and fraud. Very often insiders unintentionally assist a threat actor by falling for phishing campaigns or clicking on a malicious link to allow malware to propagate throughout your network. While we tend to hear more about the big breach from the outside the insider threat is still very prevalent. Training employees to recognize scams and not clicking on links or opening email from unknown senders can go a long way to keeping your network safe.

Time to detection is critical. According to Microsoft, the average time attackers stay in a network before detection is over 140 days. During that time they can escalate privileges to gain access to sensitive data or wreak havoc on your systems. Analyzing behavior is the best way to detect potential threats. Unusual behavior patterns from employees or systems sends a red flag that you may have a potential threat. Isolating the activity until it can be analyzed is critical to stopping bad actors from causing harm.

It’s important to understand where your data resides , your system configurations and your vulnerabilities in order to develop a cybersecurity plan that will keep your most sensitive data safe.

Our engineers will come onsite and give you the facts about your infrastructure.  After our walk through and evaluation, we will discuss any pain points you may be experiencing along with providing short, mid, and long term recommendations.

The objective of the assessment is to:

• Improve efficiencies
• Increase productivity
• Streamline processes
• Reduce IT expenditures

Related Articles: 

Facebook has a new tool for security, but is it wise?

Cyber Security Error at a New York airport

Another Day Another Breach: Uber, Fitbit, OKCupid

Security Audit Checklist

The post 5 Ways to Improve Your Cyber Security Posture appeared first on Fairdinkum.