Last week, I had the pleasure of listening to Dave Millier, founder of Uzado and author of Breach!, speak about Cybersecurity. He spoke about some of the trends and cybersecurity challenges that Canadian organizations are facing. Below is a summary of those trends and challenges.
Ransomware out of Control
You don’t need to attend a lunch and learn to know that ransomware is still a big issue, and only getting worse. The most recent Canadian organization in the news to suffer ransomware is the City of Woodstock. The question of whether to pay or not pay is always a hot issue. Just in case you were wondering, Dave shared an interesting statistic with us: only 25% of organizations that pay the ransom are successful in retrieving their data. That means, in 75% of cases, keys are not returned, or the decrypt does not work. Still think you should pay the ransom.
Problems with Passwords
Dave spoke about the movement towards passphrases (NIST guidelines) or two-factor authentication. NIST guidelines also recommends against constant password changes, except in cases where passwords have been breached.
There is also a trend towards credential vaults. A credential vault is a database used to store passwords and similar cryptographic key material. The most common data stored in a credential vault are current and historical passwords to privileged accounts. Access to contents of the vault must be audited, to create accountability for use of privileged IDs.
Why is there so much concern with passwords? Phishing attempts are becoming more sophisticated and users are falling for it. Phishing is being used to steal passwords that access privileged systems. In most cases, the passwords are being readily sold on the dark web.
IoT: Internet of Threats
We tend to think of IoT as Internet of Things. More and more, it’s becoming the Internet of Threats. From hacking fish tanks to access a corporate network, to the potential to wreak havoc with driverless cars, the connected tools that make things convenient can also work against us. Expect to see more news in the future on how IoT is quickly becoming the Internet of Threats.
Cloud Security Breaches
Cloud service providers especially are targeted by hackers. They can reach thousands this way, rather than hacking one company at a time. Dave spoke about a previous Dropbox vulnerability where anyone could access your data with just your email address. If you are going to trust the cloud to store your data, you better be sure that your cloud service provider has put the necessary security protections in place.
What to do about these issues?
These challenges have been around for awhile. Threats from hackers, state sponsored terrorists and insiders are not going to go away anytime soon. The best thing you can do, is protect yourself and have a plan. Engage an MSSP like Uzado to help you with your breach response plan today.