Guest Column | January 6, 2016

Cybersecurity And The Rise Of The Insider Threat In 2016

By Vijay Basani, CEO, EiQ Networks

Looking back years from now, 2015 may go down in history as the “Year of the Massive Data Breach.” The media reported the fallout from these breaches for months, mainly because the brands were so well known (Anthem, JP Morgan Chase, Sony Networks, Experian/T-Mobile, and the Office of Personnel Management (OPM)) or, in the case of Ashley Madison, infamous. There were many, many more that weren’t reported because they aren’t household brands. A look at this visualization of the world’s biggest data breaches leads to one question: why are they happening so frequently?

The answer is more obvious than you think: No matter how big or small, nearly every single company depends on the Internet. And because of this reliance, companies are exposed as targets, even those organizations that have a solid IT security policy and technologies in place to prevent a breach. Every organization falls into one of two buckets — either you are already breached or you are going to be breached. There is no organization/business that can state with a straight face that they will never be breached. In fact, the 2015 Verizon Breach Investigative Report shows that small-to-medium-sized enterprises are as likely to be breached as large enterprises.  

More people are going online now than ever before. According to data from the 2013 U.S. Census, nearly 75 percent of U.S. households now use the Internet, which means three-quarters of the U.S. population (320 million) are engaged in online activity. To put this number on a global scale, there are approximately 7 billion individuals, of which nearly 3.2 billion have Internet access. On the upside, each new Internet user is a potential customer. Consider this statistic: in the first quarter of 2014, nearly 200 million U.S. consumers made online purchases. Each of these online purchases represents an opportunity for a cybercriminal to steal credit card numbers, dates of birth, and Social Security Numbers, all of which they can use for nefarious purposes. For businesses, gaining new customers means becoming a bigger target, but no company can afford to ignore the growth opportunities of new markets.

A second, compounding issue adds complexity for companies trying to secure networks and data and protect their customers: more wireless devices are accessing the Internet, and the number of smartphones connecting to the Internet is growing daily. The U.S. Census Bureau report for 2013 stated that nearly 84 percent of U.S. households own at least one computer, with 78.5 percent of all households owning a desktop or laptop, and 63.6 percent having a handheld computer, such as a smartphone.

Each Internet-connected smartphone device is a potential target for attacks. Jane Doe’s laptop might not contain a repository of credit card data the size of a corporation’s, but her machine can be infected by hackers and repurposed into a “zombie” that carries out attacks on their behalf. With the Internet of Things bringing everything from refrigerators to shredders online, the scope for zombie takeovers is sure to grow into a new widespread problem.

There are many ways that hackers are able to infiltrate corporate networks and slip through multilayered security systems, firewalls, and other safeguards to wreak havoc — which is why it’s critical for businesses to stay alert and know how to identify the weaknesses in their networks so that they can improve their online security systems.

Going into 2016, organizations must remain vigilant to the following weaknesses in order to protect sensitive corporate and customer data:

  • Leaks Due To Employee And Company Insiders. This should come as no surprise, especially to leading brands such as Target, which suffered a massive, costly, and damaging breach in 2013 because of an HVAC vendor’s carelessness. In this era of WikiLeaks and cyber espionage, governments and corporations are scrambling to stop their own personnel from handing over data to people who want to publish and sell the data. But controversial headline-makers are not the only ones interested in cultivating inside sources. Competitors, both domestic and abroad, are in the game of recruiting disgruntled employees, too. With something as small as a thumb drive, insiders can betray cybersecurity defense information to competitors who want an edge over their rivals.
     
  • Repeated Phishing Attacks. A good percentage of cybersecurity breaches come from regular phishing attacks. Sending scam emails tempting users to click might not sound like the most exciting technique for hackers to employ, but the fact is phishing remains one of the most common — and effective — ways to compromise networks and security systems. A recent Ponemon Institute report calculated that successful phishing expeditions cost mid-sized organizations, on average, $3.77 million annually. However, a 48 percent overall improvement in employees’ handling of phishing attacks translates into a yearly cost savings of $1.8 million. Professional phishers usually aim to acquire personal identifying information such as credit card numbers, but getting tricked by bogus links or attachments or URLs can also expose vulnerabilities.

    For example, hackers may know about a zero-day vulnerability in Adobe Flash. They can circulate an email offering a special discount but once the link is clicked, a fraudulent website pops up instead, forcing users to interact with a Flash-based advertisement. The hackers behind the website now know which version of Flash the victims are running, and whether they are susceptible to the vulnerability. With this knowledge, the hackers can then craft payloads to gather company trade secrets found on the victims’ machines or install malware on compromised user systems.
     
  • Scanning For Vulnerabilities. Another common method is the hacker practice of scanning networks for vulnerabilities — network, systems, and applications — and then exploiting them, which is why it’s critical for businesses to stay alert and know how to identify the weaknesses in their networks so that they can improve their online security system. A recent EiQ survey of IT professionals revealed that more than 40 percent of businesses have not yet implemented a vulnerability scanning system. Being blind to potential vulnerabilities in your environment is akin to driving a car on a busy street fully aware that you have faulty brakes.

Continuous security monitoring and assessment is key for detecting unusual scanning and weak links. If an unexpectedly high number of requests are prying at a WordPress install, for example, that may signify that hackers have picked up on a weakness in the installation. Comprehensive security monitoring will spot strange access patterns and vulnerabilities and raise a red flag, alerting IT teams that a hacker may be attempting to break into a network or compromise a critical system with sensitive data.
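The WordPress case above can be turned into a simple monitoring rule. The following is an added example, not code from the column or from EiQ Networks: it assumes web server logs in Common Log Format in chronological order, and the threshold, window, endpoint list and sample log lines (documentation-range IP addresses) are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Common Log Format: ip ident user [timestamp] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[A-Z]+ (?P<path>\S+)[^"]*" \d{3} '
)
# WordPress endpoints that commonly attract login guessing and probing
# (assumed list; tune to the installation being monitored).
WP_PATHS = ("/wp-login.php", "/xmlrpc.php", "/wp-admin")


def find_wp_probing(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: peak_count} for sources that sent at least `threshold`
    requests to WordPress endpoints inside any sliding `window`."""
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # ignore malformed lines instead of failing
        path = m["path"].split("?", 1)[0]
        if not path.startswith(WP_PATHS):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop requests older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), len(q))
    return flagged


# Constructed sample: one noisy source, one slow visitor, normal traffic, junk.
SAMPLE_LOG = (
    ['203.0.113.7 - - [06/Jan/2016:10:00:%02d +0000] '
     '"POST /wp-login.php HTTP/1.1" 200 1532' % s for s in range(0, 40, 5)]
    + ['198.51.100.4 - - [06/Jan/2016:10:%02d:00 +0000] '
       '"GET /wp-login.php HTTP/1.1" 200 1532' % m for m in (1, 5, 9)]
    + ['192.0.2.10 - - [06/Jan/2016:10:00:%02d +0000] '
       '"GET /blog/ HTTP/1.1" 200 8210' % s for s in range(10)]
    + ["not a log line"]
)

if __name__ == "__main__":
    for ip, count in find_wp_probing(SAMPLE_LOG).items():
        print(f"ALERT {ip}: {count} WordPress requests within 60s")
```

A source that spreads its requests out stays under a short window, so a second pass with a longer window and lower threshold is a useful complement.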

Companies must up their game when it comes to security defenses. While hackers are historically better at staying two steps ahead of most organizations’ IT security policies and infrastructure, this will be highly problematic going into 2016 as threats and the likelihood that organizations will experience some type of breach increase. Dynamic IT security policies are no longer a luxury. Companies must invest, continue to evolve and do all they can to secure data, networks, systems, applications and devices.

Vijay Basani is the co-founder, president and CEO of EiQ Networks, a pioneer in hybrid SaaS security and continuous security intelligence solutions. Before EiQ Networks, he founded AppIQ, an application storage resource management provider acquired by HP, and WebManage Technologies, a policy-driven content delivery solution provider acquired by Network Appliance. Basani is the co-owner of five patents for the architecture and design of the WebManage Content Delivery system, Adaptive Policy Engine, and SLA Management. He earned a Bachelor of Engineering degree in electronics and instrumentation, as well as an MBA and post-MBA degrees, from Baruch College in New York.