New defence approaches required

November 2018 Cyber Security

The world is witnessing a proliferation of global malware and other cyber-attacks, with the number of breaches escalating. Coupled with this the growth in the value of crypto currencies is creating new areas of vulnerability and making the move from physical to digital even more pronounced.

In this rapidly evolving environment, we cannot expect traditional security strategies to remain effective.

Traditionally the key fundamentals of security have been firewalls, IDS and anti-virus. But escalating data breaches illustrate that focusing on these basics alone is no longer effective.

2019 must be the year for enhanced visibility, regardless of where a company’s perimeter is located. The days of single breakouts and in-house applications are over; therefore, the future-proof strategy must expand the definition of the ‘boundary’ beyond physical buildings and defending against external threats. Now, the perimeter must look both ways to protect against threats from the inside where a massive hole could be waiting to be exploited.

Visibility is top of the priority list in the world of the cloud

Security must take into account who and what is already within the confines of the environment, asking what users do with information and how they are accessing applications. It must take into account that users access business systems remotely, and that critical systems and data are now stored, accessed and created out in the cloud.

Business must focus its cybersecurity strategies on delivering full visibility across all business systems. Information security must ensure that it knows what behaviours are taking place across both its physical and virtual environments. Visibility makes it possible to respond with speed to potential breaches as indicated by behavioural changes or anomalies.

Effective monitoring with the ability to instantly respond will eliminate down time and ensure ongoing business operations and the capability of securing your businesses in a digital world.

Crypto-mining attacks will form a massive part of the 2019 threat landscape

Mining is the process of adding transaction records to Bitcoin's public ledger of past transactions - a ‘mining rig’ is a colloquial term for a single computer system that performs the necessary computations for ‘mining’.

In this instance the attacker deploys a piece of malware that uses the infected machine’s processing capacity to run calculations to mine crypto currency. There are miners for different types of crypto currency, including newer ones as these require fewer calculations. The modern crypto miner has built-in intelligence which stops working when the user is logged in and performing their normal work. When they are idle or away from their machine, the crypto miner kicks in once again.

Therefore without adequate monitoring on what is really running on your machines, these attacks can go undetected for very long periods.

Ransomware attacks will continue, but due to better backup and recovery planning this is not as effective as in the past. A crypto miner starts to generate revenue for the attacker from day 1 and for as long as it is not detected. This is also very simple for unmonitored insiders to deploy themselves. I think this will be a massive part of 2019 threat landscape.

Organisations need to work on the Assume Compromise principle. You need to understand that security layers will fail, firewalls will miss attacks, end point protection will fail and users will compromise the systems in place. With visibility, you understand what is normal – what needs to be improved is the capacity of organisations to identify what is different.

Attacks will continue to grow because attack tools are more readily available and almost all attackers are unsophisticated and simply by continually doing the basics and having effective monitoring you will be able to stop almost all of these. It is imperative to make your attack surface smaller.

John Mc Loughlin, CEO, J2 software.
John Mc Loughlin, CEO, J2 software.

The biggest risk in 2019 remains the same – Users!

The busy modern, hyper-connected user can and will compromise your environment, most of the time by accident. The user is where the biggest real risk sits, but the modern user cannot work with traditional ‘lock and block’ scenarios. 2019 strategic trends should see users being brought into the picture by providing them with the power to identify and help prevent cyber-attacks.

In 2019 the forward-looking cyber security plans must do everything possible to empower the user to fight against cyber-attacks. Utilising effective technology to provide you and your users with full visibility into risky activity and immediately identify anomalies will be the key to staying un-breached throughout 2019.

For more information contact J2 Software, +27 87 238 1870, john@j2.co.za, www.j2.co.za



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Pwn2Own hacking contest to include industrial control systems
October 2019 , Cyber Security
As IT and OT converge under Industry 4.0 and digital transformation initiatives, security gaps are emerging in a range of popular industrial control systems.

Read more...
Stolen credentials on the Dark Web
October 2019 , Cyber Security, Security Services & Risk Management
Over 21 million credentials belonging to Fortune 500 companies, 16 million of which were compromised during the last 12 months, are up for sale.

Read more...
Stolen credentials on the Dark Web
October 2019 , Cyber Security, Security Services & Risk Management
Over 21 million credentials belonging to Fortune 500 companies, 16 million of which were compromised during the last 12 months, are up for sale.

Read more...
The importance of XDR for cyber protection
October 2019 , Cyber Security, Products
35% of South African organisations are expecting an imminent cyberattack and a further 31% are bracing for it to happen within a year, according to local research conducted by Trend Micro.

Read more...
Enterprise security must change
October 2019 , Cyber Security, Security Services & Risk Management
The recent wave of cyberattacks against local banks has highlighted the importance of protecting data against malicious users.

Read more...
Kaspersky uncovers zero-day in Chrome
October 2019, Kaspersky , News, Cyber Security
Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser.

Read more...
Cybersecurity for video surveillance systems
September 2019, Mobotix , Cyber Security, CCTV, Surveillance & Remote Monitoring
Video surveillance systems are increasingly accessible over any IP network, which has led to the rise of potential cyberattack.

Read more...
African trust centre launches cyber division
November 2019 , Cyber Security
Advancing cybersecurity to more stringent heights, LAWtrust has launched a new division focusing on cybersecurity services to complement its identity, encryption and digital signature offerings.

Read more...
What are the cybersecurity issues in video surveillance?
November 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
he importance of the data captured by surveillance cameras – and what can be done with it – has led to a new breed of cybercriminals, looking for insights to steal and sell.

Read more...
Protecting the outer perimeter with cloud services
November 2019 , Cyber Security
Business leaders now have a choice whether they want to continue using their trusted firewall or move to a next-generation firewall delivered by appliances or as cloud services.

Read more...