Six ways cybersecurity breaches can bring down your business Posted on October 9, 2018 by Tim Burke These days, the consequences of inadequate cybersecurity have profound impacts on companies’ reputations, bottom lines, and leadership jobs. Equifax’s 2017 breach, for instance, cost $439 million, tanked its share price by 27%, and forced its CISO, CIO, and CEO to resign. Since then, cyberthreat volume, breadth, and diversity have expanded as attackers exploit new techniques and get better at covering their tracks. Pay particular attention to these six current key cyberthreats: 1 Evolving ransomware Network-based, self-propagating worms have eliminated the human element once necessary for launching a ransomware attack. Now all that’s needed is an active and unpatched workstation. Worse, in some cases the ransomware disguises cybercriminals’ real goals – to harvest credentials, wipe data, or compromise industrial control systems. Ultimately, such self-propagating cyberattacks could bring down the internet. 2 Supply chain attacks Cyberattackers have taken to injecting malware into supply chains, a technique that saw a 200% increase last year. Among these supply chain attacks were the Petya/NotPetya, CCleaner, and Kingslayer outbreaks in which hijacked software gave cyberattackers undetected entry into thousands of corporate networks where they exploited privileged accesses and client/supplier relationships. 3 Encrypted malicious web traffic By October 2017, 50% of global web traffic was encrypted, inspiring cyberattackers to use encryption as a tool for concealing their command-and-control efforts. Result: a 300% increase in inspected malware samples using encrypted network communication. Exploits in the clouds Shifting data, applications, and identities to the cloud poses new risks as control of the traditional network perimeter fades and cyberattackers exploit legitimate command-and-control services and encryption to hide malware network traffic. 4 Coin-mining Rising cryptocurrency values have attracted cybercriminals who have taken to coin-mining — easy to do, since coin-miners residing on an infected endpoint require but a few lines of code to mine cryptocurrency. Last year, this “coin rush” produced an 8,500% boost in detections of coin-miners on endpoint devices. For now, the burden of coin-mining falls mostly on device performance, although corporate networks can also face risk of shutdown from coin-miners propagating too aggressively across the environment. 5 Mobile malware Last year, an average of 24,000 malicious mobile applications were blocked each day, and the number of new mobile malware variants grew by 54% compared to 2016. Blame some of this on the persistence of older operating systems (only 20% of Android devices run the newest major OS). Grayware (apps that aren’t entirely malicious but can be problematic) is causing trouble, too, since 63% leak device phone numbers. 6 IoT attacks In 2017, Internet of Things (IoT) attacks increased by 600% over 2016, yet patching IoT device vulnerabilities is not keeping pace. Why? It’s not always clear who’s responsible for maintaining IoT devices, some devices may not be updatable, and others may require direct vendor support. In my next post, I’ll address what you can do to protect your business and the technologies it depends on.