Awareness of cybersecurity threats is one of the best gifts small business owners and system operators can give to themselves. As the threat landscape continues to evolve, knowing what kind of attacks have been happening and thinking about what could happen in the future is a key to effective preparation and maintaining a proactive security stance. Responsible organizations that keep up-to-date with IT security threat trends are in a better position to ensure they partner with effective, professional service providers.
Cybersecurity has been a major headline generator again in 2018, with seemingly more focus than ever before placed on the intricacies of email security, malware, and data theft. Leading security and content distribution network (CDN) provider Akamai recently published its “2018 State of the Internet: A Year in Review,” which covers many of the biggest recent developments in cybersecurity. The report is worth reading in full, but it also deserves thinking about in the context of what it means for your business and your business’ service providers.
2018: Many Businesses Bid Good Riddance
In 2018 there were millions of cyber attacks, 65% of them targeted at small and medium-sized businesses, according to tech consultancy Kelser Corporation.
The Meltdown and Spectre vulnerabilities disclosed in the first days of 2018 made headlines around the world. The chip-based vulnerabilities are not known to have led to major attacks or losses, hopefully demonstrating maturing threat-response practices across the industry. The section of the Akamai report on this massive cybersecurity challenge provides a good example of the constant back and forth in the ongoing struggle between cybercriminals and security personnel.
Major cybersecurity observations during the year also include a massive 1.3 Tbps distributed denial of service (DDoS) attack, the biggest ever seen, on an Akamai customer in February. The attack utilized a new reflection attack vector based on the Memcached Unix service, which was known to have security vulnerabilities, being exposed to the internet. This type of reflector attack was quickly adapted to other targets as it became known to other cybercriminals.
Headline incidents are only part of the story, however. For most businesses, the most worrying trend of the year may be the commoditization of hack attacks, or what Akamai calls “The Gig Adversary.” Adversaries specialized in one particular threat area can purchase breached data and perform credential stuffing to sell lists of accounts ready for take-over. The report also deals specifically with brute-force DDoS attacks, application-level attacks, and credential stuffing, three attack types businesses should be familiar with.
Akamai revealed details of credential stuffing attacks against financial services organizations in September, and the company reports that other security organizations are also seeing more attacks of this type. Credential stuffing generally targets passwords, which Akamai calls “the greatest weakness of the web.” Devices roped into a botnet use known usernames and passwords, often originating with a data breach, to try to log into an account. Data breaches continue to furnish attackers with credentials, so this trend seems likely to continue in 2019.
One of the key trends in cybersecurity over the past several years, which will surely extend through 2019, is the rapid evolution of new threats, as attack vectors and vulnerabilities are often distributed as soon as they are discovered. Keeping up with this constantly evolving threat landscape requires security tools that are updated on an ongoing basis. Businesses also need to ensure their systems are patched and updated whenever necessary, which for many SMBs is best handled with a managed hosting service.
The bottom line is that businesses which are not leveraging the appropriate security products and taking due precautions are the low-hanging fruit for a growing and increasingly specialized global cybercrime industry. Being aware of what tools your business needs to deal with the threats it faces will be critical to the survival of many businesses, particularly small and medium-sized businesses, in the year ahead.
How to Protect Your Business in 2019
The good news for businesses requiring a security boost is that the three threats specifically dealt with in the Akamai report, brute-force DDoS attacks, application-level attacks, and credential stuffing, are mitigated with a range of security tools commonly available from quality hosting providers.
DDoS protection requires effective network traffic monitoring, and strong attack prevention is achieved with the distributed reach of a content distribution network (CDN) like Akamai or CloudFlare. Not all businesses will get full value from a CDN, but many businesses depend on them for the security benefits and performance improvements they deliver. Leveraged attacks, such as those at the application layer, require particularly close traffic monitoring and bot filtering, as well as diligent maintenance to make sure unpatched systems are not missed.
A web application firewall (WAF) is critical for organizations running web applications in their environment. A managed WAF service with automatic updates receives information on new vulnerabilities before they are widely targeted, and provides rule-based filtering to block attacks like cross-site scripting (XSS) and SQL injection.
Combatting credential stuffing, like leveraged application-level attacks, requires close monitoring. Businesses can also improve their chances of avoiding successful account takeovers from this type of attack by enforcing strong authentication policies and technologies such as multi-factor authentication.
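The monitoring described above can start from the login log itself. As an added example (not taken from the Akamai report or this article), the Python code below flags time windows in which many distinct usernames each fail about once across several sources, the pattern credential stuffing produces; the log format, thresholds and sample data are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

MIN_FAILURES = 20      # assumed threshold; tune to the site's normal failure rate
MIN_USER_SPREAD = 0.8  # distinct usernames / failed attempts in a window

def parse(line):
    # Assumed log format: ISO timestamp, source IP, username, OK|FAIL
    ts, ip, user, outcome = line.split()
    return datetime.fromisoformat(ts), ip, user, outcome == "OK"

def detect_stuffing(lines):
    """Return one alert per 5-minute window that looks like credential stuffing."""
    buckets = defaultdict(list)
    for ts, ip, user, ok in map(parse, lines):
        start = ts - timedelta(minutes=ts.minute % 5, seconds=ts.second)
        buckets[start].append((ip, user, ok))
    alerts = []
    for start, events in sorted(buckets.items()):
        failed = [(ip, u) for ip, u, ok in events if not ok]
        if len(failed) < MIN_FAILURES:
            continue
        users = {u for _, u in failed}
        ips = {ip for ip, _ in failed}
        # One user mistyping a password gives a spread near 0; a breached
        # credential list replayed by a botnet gives a spread near 1.
        if len(users) / len(failed) >= MIN_USER_SPREAD:
            # Successful logins from the same sources are candidates for a
            # forced password reset or an MFA challenge.
            hits = sorted({u for ip, u, ok in events if ok and ip in ips})
            alerts.append({"window": start.isoformat(), "failures": len(failed),
                           "usernames": len(users), "sources": len(ips),
                           "possible_takeovers": hits})
    return alerts

def sample_log():
    """Constructed data: one user mistyping a password, then a stuffing burst."""
    lines = [f"2019-01-07T09:0{i % 5}:{10 + i} 198.51.100.7 carol FAIL"
             for i in range(25)]
    lines.append("2019-01-07T09:04:50 198.51.100.7 carol OK")
    for i in range(40):  # 40 distinct usernames spread over 8 source addresses
        lines.append(f"2019-01-07T09:1{i % 5}:{10 + i} 203.0.113.{i % 8} user{i} FAIL")
    lines.append("2019-01-07T09:12:30 203.0.113.1 user17 OK")
    return lines

if __name__ == "__main__":
    for alert in detect_stuffing(sample_log()):
        print(alert)
```

The 25 failures against a single account in the first window are not flagged, while the second window is, because the signal is the spread of usernames rather than the raw failure count.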
This is in addition to the basic tools necessary for businesses to keep unwanted traffic off their servers, including firewalls and VPNs (virtual private networks). Not all firewalls or VPNs are created equal, however. Similarly, email spam is hardly a new threat, but new and advanced spam techniques are best mitigated with specialized next-generation scanning and filtering systems that assess incoming emails at multiple different levels.
Ultimately, avoiding data breaches, downtime, and other business disruptions from cyber attacks requires a certain degree of investment and proactive effort by the business. It is also usually achieved with the help of a quality service provider that will assist in setting the appropriate cybersecurity stance, and then evolving that stance to handle organizational growth and the changing threat landscape.
Businesses that avoid costly security problems tend to be those that look ahead and are prepared to apply updates on the fly to prevent the newest attacks. Protecting your data and network means not just having the right kind of security tools, but ones that are effective, constantly updated and implemented properly.