New defence approaches required

1 November 2018 Cyber Security

The world is witnessing a proliferation of global malware and other cyber-attacks, with the number of breaches escalating. Coupled with this the growth in the value of crypto currencies is creating new areas of vulnerability and making the move from physical to digital even more pronounced.

In this rapidly evolving environment, we cannot expect traditional security strategies to remain effective.

Traditionally the key fundamentals of security have been firewalls, IDS and anti-virus. But escalating data breaches illustrate that focusing on these basics alone is no longer effective.

2019 must be the year for enhanced visibility, regardless of where a company’s perimeter is located. The days of single breakouts and in-house applications are over; therefore, the future-proof strategy must expand the definition of the ‘boundary’ beyond physical buildings and defending against external threats. Now, the perimeter must look both ways to protect against threats from the inside where a massive hole could be waiting to be exploited.

Visibility is top of the priority list in the world of the cloud

Security must take into account who and what is already within the confines of the environment, asking what users do with information and how they are accessing applications. It must take into account that users access business systems remotely, and that critical systems and data are now stored, accessed and created out in the cloud.

Business must focus its cybersecurity strategies on delivering full visibility across all business systems. Information security must ensure that it knows what behaviours are taking place across both its physical and virtual environments. Visibility makes it possible to respond with speed to potential breaches as indicated by behavioural changes or anomalies.

Effective monitoring with the ability to instantly respond will eliminate down time and ensure ongoing business operations and the capability of securing your businesses in a digital world.

Crypto-mining attacks will form a massive part of the 2019 threat landscape

Mining is the process of adding transaction records to Bitcoin's public ledger of past transactions - a ‘mining rig’ is a colloquial term for a single computer system that performs the necessary computations for ‘mining’.

In this instance the attacker deploys a piece of malware that uses the infected machine’s processing capacity to run calculations to mine crypto currency. There are miners for different types of crypto currency, including newer ones as these require fewer calculations. The modern crypto miner has built-in intelligence which stops working when the user is logged in and performing their normal work. When they are idle or away from their machine, the crypto miner kicks in once again.

Therefore without adequate monitoring on what is really running on your machines, these attacks can go undetected for very long periods.

Ransomware attacks will continue, but due to better backup and recovery planning this is not as effective as in the past. A crypto miner starts to generate revenue for the attacker from day 1 and for as long as it is not detected. This is also very simple for unmonitored insiders to deploy themselves. I think this will be a massive part of 2019 threat landscape.

Organisations need to work on the Assume Compromise principle. You need to understand that security layers will fail, firewalls will miss attacks, end point protection will fail and users will compromise the systems in place. With visibility, you understand what is normal – what needs to be improved is the capacity of organisations to identify what is different.

Attacks will continue to grow because attack tools are more readily available and almost all attackers are unsophisticated and simply by continually doing the basics and having effective monitoring you will be able to stop almost all of these. It is imperative to make your attack surface smaller.

John Mc Loughlin, CEO, J2 software.
John Mc Loughlin, CEO, J2 software.

The biggest risk in 2019 remains the same – Users!

The busy modern, hyper-connected user can and will compromise your environment, most of the time by accident. The user is where the biggest real risk sits, but the modern user cannot work with traditional ‘lock and block’ scenarios. 2019 strategic trends should see users being brought into the picture by providing them with the power to identify and help prevent cyber-attacks.

In 2019 the forward-looking cyber security plans must do everything possible to empower the user to fight against cyber-attacks. Utilising effective technology to provide you and your users with full visibility into risky activity and immediately identify anomalies will be the key to staying un-breached throughout 2019.

For more information contact J2 Software, +27 87 238 1870, john@j2.co.za, www.j2.co.za



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Next-generation security operations centre
Issue 4 2020, AVeS Cyber Security , Cyber Security
Pay-as-you-use cybersecurity from AveS allows all businesses access to world-class expertise.

Read more...
Strengthen your passwords for world password day
Issue 4 2020 , Cyber Security
May 7 is World Password Day and KnowBe4 is providing tip sheets, videos and tools to help people strengthen their passwords.

Read more...
Tips on secure remote working
Issue 3 2020 , IT infrastructure, Cyber Security
NordVPN advises how to stay secure while working from home during the coronavirus outbreak.

Read more...
The Trojan that’s nearly impossible to remove
Issue 3 2020, Kaspersky , Cyber Security
xHelper – the Trojan that’s nearly impossible to remove – continues to infect thousands of devices. How can you stay safe?

Read more...
Have your security on lockdown over the lockdown
Issue 3 2020, Vox Telecom , Cyber Security
It’s a given that people working from home have fewer security defences on their home networks than they would have in the office.

Read more...
Free enterprise-grade security to healthcare organisations
Issue 3 2020 , Cyber Security
Bitdefender offers free enterprise-grade security to all healthcare organisations for up to 12 months.

Read more...
Someone is out to steal your cookies
Issue 3 2020, Kaspersky , Cyber Security
Kaspersky experts have discovered two new Android malware modifications that, when combined, can allow the thieves to discreetly gain control of the victim’s account.

Read more...
The political and economic intentions of cybercriminals
Issue 3 2020 , Cyber Security
FortiGuard Labs’ Threat Landscape Report reveals a new perspective on global trade and the allure of election disruption.

Read more...
FortiGate 1800F next-generation firewall
Issue 3 2020 , Cyber Security
FortiGate 1800F next-generation firewall enables today’s largest enterprises to achieve internal segmentation as well as scale, performance, detection, and enforcement capabilities.

Read more...
Simple and secure for small businesses
Issue 3 2020 , Cyber Security
New cloud-driven solutions from Cisco make buying, installation and maintenance easy with the Cisco ‘Designed for Business’ portfolio built for simplicity and security.

Read more...