An ever-growing range of information security threats exists, and these threats can lead to devastating consequences for organizations, such as:
- compliance issues associated with the loss of sensitive data.
- severely damaged reputations as a result of information loss or theft.
- high costs—the average data breach costs $3.86 million according to an IBM-backed 2018 study conducted by the Ponemon Institute.
Bearing in mind this small sample of the potential consequences of data compromise, it’s clear that information security needs to remain a top priority for organizations of all sizes. While it’s true that information security defenses improve all the time, it’s also clear that risks and threats evolve over time.
Ensuring adequate defense mechanisms to protect your valuable information begins with knowledge of what the key threats are. As 2019 approaches, here are six of the most important information security risks. For additional information about contemporary cybersecurity issues and threats, check out this information security blog.
Top Information Security Risks
1) More Targeted Ransomware
The 2017 WannaCry and NotPetya ransomware attacks cost the U.K.'s National Health Service and Danish shipping company Maersk £92 million and $275 million respectively.
The response to the major 2017 ransomware attacks was a significant increase in the adoption of comprehensive ransomware protection strategies. Despite the fall in ransomware during 2018, it’s clear that these types of attacks still pose threats and they are becoming more targeted at specific organizations. The SamSam ransomware attack on the city of Atlanta’s IT systems in 2018 was a case in point. SamSam caused widespread disruption to the extent that police and other city officials had to fill in forms by hand and citizens couldn’t pay for water bills or parking tickets.
So, even though ransomware is falling, it’s clear groups are targeting municipal and healthcare organizations in particular as potentially lucrative victims of such attacks.
2) Cryptojacking
Cryptojacking or cryptomining is quickly replacing ransomware as the most prevalent type of information security threat. This type of attack entails the hijacking of a target computer system to use its processing power and mine for cryptocurrency. Cryptojacking is on the rise, not least because of the ease of its implementation and its lower system footprint. Cryptojackers get users to click malicious links or view ads containing malicious code that executes cryptomining without the user knowing about it. It’s evident that criminals believe these attacks are easier, less risky, and potentially more profitable.
Mining for Bitcoin requires a lot of processing power and the use of specialized hardware. Cryptojacking attacks, however, typically target currencies that are much easier to mine for, such as Monero. The premise is that instead of investing in their own costly hardware, cyber criminals steal the power of other systems using malicious code and they profit. The only temporary evidence of such attacks is a system lag.
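Because stolen processing power is the only visible symptom, resource monitoring is the practical detection point. The following is an added example, not part of the original article: it flags sustained CPU load while ignoring short bursts. The function name, thresholds, and sample readings are all constructed, and it assumes that mining shows up as sustained load and that the first few samples represent a clean baseline.

```python
from statistics import median

# Constructed per-minute CPU utilisation (%) for one host.
# Index 5 is a short legitimate burst; indices 8-13 are sustained load.
SAMPLES = [12, 15, 11, 14, 13, 95, 14, 12, 88, 91, 93, 90, 92, 94, 13, 12]

def sustained_cpu_alerts(samples, baseline_len=5, window=5, factor=2.0, floor=60.0):
    """Return (first_index, last_index) for every run of at least `window`
    consecutive samples above the alert threshold.

    The threshold is the larger of `floor` and `factor` times the median of
    the first `baseline_len` samples (assumed to be a known-good period).
    """
    baseline = median(samples[:baseline_len])
    threshold = max(floor, factor * baseline)
    alerts, start = [], None
    # A trailing sentinel below the threshold closes a run that reaches the end.
    for i, value in enumerate(list(samples) + [0.0]):
        if value > threshold:
            if start is None:
                start = i
        elif start is not None:
            if i - start >= window:
                alerts.append((start, i - 1))
            start = None
    return alerts

if __name__ == "__main__":
    for first, last in sustained_cpu_alerts(SAMPLES):
        print(f"sustained high CPU from sample {first} to {last}")
```
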
3) Targeting Privileged Insiders
Cybercriminal groups are expected to take a turn towards using “muscle” as a means of obtaining sensitive and valuable information, including intellectual property and strategic business plans. The threat of violence against privileged insiders at organizations will grow as criminal gangs look to become more efficient in their operations. Targeting privileged insiders requires minimal cyber security expertise.
4) SQL Injection Attacks
SQL injection attacks are a perennial type of security risk that continues to cause problems for web applications. The basic premise is that hackers manipulate input data on web applications to pass unauthorized SQL commands into a back-end database, instructing the database to modify, delete, or return database values, which might contain sensitive or lucrative information. These types of attacks commonly target content management systems such as Joomla and WordPress, and eCommerce software/platforms like Magento or OpenCart.
5) Inadequate Access Management and Authentication
The increased use of cloud computing systems puts organizations at the mercy of their own access management and authentication policies. Information compromise from these types of risks will be highly relevant as more organizations move to the cloud during 2019.
A major benefit of cloud computing services to organizations is that they give employees anytime, anywhere access to IT services. Problems arise, though, when organizations fail to use multi-factor authentication for cloud systems. Using passwords alone as a means of authentication is outdated, and it puts sensitive information at the mercy of social engineering attacks or threats against insiders in which cyber criminals only need a password to get mission-critical information.
Proper access management uses role-based access to ensure that users of cloud systems only have access to information and systems necessary to perform their jobs. A lack of prudent access management magnifies the potential impact of any intrusion into cloud systems.
6) Spear Phishing
Spear phishing is a sophisticated form of information security threat involving the use of emails, ostensibly from trusted senders, to entice individuals to reveal confidential information or passwords. These types of social engineering attacks are on the rise because they are easier to fall prey to than standard phishing attempts. The attacker creates a plausible email address and writes a professional email purporting to be from someone in a leadership position.
Tips to Prepare for InfoSec Risks
- Keep systems up to date and never click on email attachments from untrusted sources.
- Monitor server and individual system resource consumption and have alerts in place for unexpected spikes.
- Instruct those with privileged information access on physical security measures and measures to prevent social engineering attacks.
- Web application firewalls can stop SQL injection, XSS, LFI, RFI, Bad Bots and 100+ attacks in real-time by filtering out malicious traffic before it reaches your servers. In particular, the firewall can scan HTTP traffic coming from web applications.
- Conduct security audits regularly to get a good overall picture of how secure your information is. Security audits can identify vulnerabilities, such as SQL injection, which remains a top database security concern.
- Use multi-factor authentication and proper access management for the cloud.
- Always encrypt any sensitive information.
- Properly educate employees on spear phishing emails, including instructions on what to do if people receive a suspicious email.
- Have a security audit (VAPT) performed on your portal to learn all the possible ways a hacker could compromise it. Patch the vulnerabilities with the help of your developer.
Astra Web Security also provides detailed Vulnerability Assessment and Penetration Testing of your website with the right mix of automation and manual testing. An engagement with Astra provides the following services:
- Vulnerability Assessment and Penetration Testing (VAPT)
- Static & Dynamic Code Analysis
- Technical Assistance in Patching found Security Vulnerabilities
- Collaborative Cloud Dashboard for Vulnerability Reporting
- Access to our security tools/APIs
- Web Security Best Practices Consultancy
With knowledge of these risks in mind, combating the top information security threats requires using a combination of tools, policies, procedures, and people to properly protect your valuable data.