Oct 03 2017

Ransomware, IoT Risks and Insider Attacks Threaten Businesses the Most

As National Cyber Security Awareness Month kicks off, businesses must focus on present-day IT security risks and plan for future ones as well.

Cybersecurity is never far from the headlines, whether that’s in data breaches like the one that Equifax suffered or ransomware attacks that hold files hostage. It can all seem a bit overwhelming, but there are plenty of tools and resources businesses can tap to enhance their cybersecurity defenses.

This month, expect to hear a lot about them. The Department of Homeland Security and the National Cyber Security Alliance (NCSA), a public-private partnership, have for the past 14 years been using October to annually mark National Cyber Security Awareness Month (CSAM). The month’s core message, according to the alliance, is that “the internet is a shared resource and securing it is our shared global responsibility.”

For businesses in particular, the NCSA says that the top threats they face include ransomware attacks, Internet of Things (IoT) vulnerabilities and insider attacks. In addition to defending against those dangers, businesses must confront emerging ones, including from artificial intelligence and the growing interdependence between different kinds of data, according to Michael Kaiser, NCSA’s executive director.

SIGN UP: Get more news from the BizTech newsletter in your inbox every two weeks!

Explore Multiple Facets of Cybersecurity

The month is broken down into weeks, each with its own theme that DHS, the NCSA and its partners will highlight with events and advice. Here is a quick breakdown:

  • Week 1: Oct. 2-6 — Simple Steps to Online Safety 
    This week will highlight how businesses and citizens can take simple steps to improve cybersecurity. The alliance will promote its “Stop. Think. Connect.” campaign to encourage users to stop and make sure security measures are in place, think about the consequences of their actions and behaviors online, and still connect with and enjoy the internet. The week will spotlight the top cybersecurity concerns for consumers, provide simple steps to protect against these concerns and explain how consumers can respond if they fall victim to a cybercrime.
  • Week 2: Oct. 9-13 — Cybersecurity in the Workplace Is Everyone’s Business
    This week will focus on why every organization, large or small, needs a plan for employee education, training and awareness that emphasizes risk management, resistance and resilience. The week will showcase how businesses can protect themselves, their employees and customers against common cybersecurity threats. It will also promote resources that can help organizations strengthen their IT security resilience, such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
  • Week 3: Oct. 16-20 — Today’s Predictions for Tomorrow’s Internet
    The third week of the month will explore how the Internet of Things presents both new opportunities and new threats. Personal data is the fuel that makes smart devices work, the alliance notes, and it is critical to understand how to use cutting-edge technology in safe and secure ways.
  • Week 4: Oct. 23-27 — The Internet Wants You: Consider a Career in Cybersecurity
    According to a study released earlier this year by the Center for Cyber Safety and Education, by 2022, there will be a shortage of 1.8 million information security workers. The alliance will use this week to encourage students and professionals to explore cybersecurity as a viable and rewarding profession.
  • Week 5: Oct. 30-31 — Protecting Critical Infrastructure from Cyber Threats
    The last few days of the month will focus on how to build resilience into critical infrastructure, including electric grids, utilities, financial systems and transportation networks. The theme of this week transitions into Critical Infrastructure Security and Resilience Month in November, highlighting the tie between cybersecurity and the country’s critical infrastructure.

Ransomware, IoT and Insider Threats Stalk Businesses

According to the second annual State of Ransomware study from Malwarebytes and Osterman Research, 22 percent of small to medium-sized businesses (SMBs) that experienced a successful ransomware infiltration had to cease business operations immediately, and 15 percent lost revenue.

NCSA’s Kaiser says that the Petya and WannaCry attacks from earlier this year should have woken up businesses to the importance of “basic software maintenance and patching.” Many of those affected by the WannaCry ransomware attack were Windows 7 users who had not downloaded critical security patches from Microsoft.

For SMBs, Kaiser says, “it implies that if you are going to take on software as part of your business operation, along with it comes the maintenance. If you were operating a fleet, you would have to periodically go in and change the oil. It’s a little more frequent with software patches, unfortunately.”

Another threat is from IoT. As businesses deploy more connected devices they need to think about how their networks will be exposed to vulnerabilities, Kaiser says. Businesses need to evaluate the data that is being collected and how IoT devices will need to be secured and maintained over time, he says. They also need to think about how these devices change IT environments and their associated risks overall. For example, internet-connected video cameras could be hacked and used to determine when everyone has left an office for the day so that a robbery can be planned.

Insider threats are also a prevalent issue that, while not new, are critical because businesses now have more data than ever to protect. Companies need to look at IT security holistically. “What do you have that’s so important?” Kaiser says. “Who has access to that data, and do those people need access to that data?”

Kaiser recommends that SMBs follow the NIST framework for cybersecurity and its five key steps: identify, protect, detect, recover and respond. Those apply to every business. The alliance is looking for ways to make the framework more relevant for SMBs.

NCSA is also using the month to consider forward-looking cybersecurity threats from emerging technologies like artificial intelligence and IoT. Society is becoming more dependent on data, Kaiser says, and systems are becoming more interdependent on data coming from multiple sources. For example, a smart city system needs data from connected cars and infrastructure to move traffic safely. “The interdependence just requires that continued focus on security, trust and integrity of all of these systems, because if they are compromised, a compromise could look very different 10 years from now than it does today,” he says.

TommL/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.