16 Oct Top 5 Network Security Risks And Threats
How file and system integrity monitoring can help
– Robert Johnson, III, President & CEO at Cimcor, Inc
Chicago, Ill. – Oct. 16, 2019
It’s an unpleasant truth that businesses must face: Between vulnerabilities and the ever-changing IT landscape, network security risks continue to evolve and underline the need for vigilance.
To that end, proactive network managers know they should routinely examine their security infrastructure and related best practices in order to upgrade accordingly. Such an approach can make a difference in the ability to effectively respond to the following five network security threats.
Encryption
Encryption is a double-edged sword. In recent years, organizations have looked to protect sensitive data by scrambling communications, what we know as encryption.
“End-to-end encryption” can create a false sense of comfort for consumers, Bloomberg recently reported. The reality is that a hacker can control the device in a variety of ways, including gaining access to the “full discussion regardless of what security precautions are built into the app you are using.”
Encryption essentially gives hackers free rein to operate prior to their eventual detection and remediation.
Ransomware
Network-based ransomware can cripple systems and data. This threat is of a particularly alarming nature as it does not rely heavily on the human element to execute and bring an organization to its knees.
Many times, to be successful with an attack, an active and unpatched workstation and an automated software update is the only set of needs. Data can be compromised or lost altogether on an infected device. And further compounding the problem is the fact that many small to medium-sized businesses do not report ransomware attacks as they occur.
As CPO Magazine noted (citing the 2018 Ransomware Report), fewer than one-quarter of all ransomware attacks are actually reported. “After command and control servers are taken offline, some companies may opt to pay the ransom and move on, rather than deal with a potential PR disaster,” per CPO.
Preventative measures against ransomware include:
- Using Diverse Backups
- Keeping Antivirus Up-To-Date
- Maintaining Patch Updates
- Installing File and System Integrity Monitoring Software
- Compliance Maintenance
Learn more about how businesses can be prepared for ransomware.
DDoS Attacks
DDoS attacks come at a real cost. The severity and frequency of DDoS attacks have many network managers concerned. Hackers infiltrate organizations by flooding websites and networks with questionable traffic.
Two avenues are emboldening criminals in their nefarious endeavors. “DDoS for hire” services is one means through which hacking/attack skills are offered in exchange for money.
The other channel used is the wide adoption of Internet-of-Things (IoT) technology. IoT widgets with poor security defenses are easy target. Defending against DDoS attacks doesn’t have to be a challenge. Ways to help defend against DDoS attacks include:
- Identifying unusual traffic activity
- Using the needed amount of bandwidth
- Avoiding the wrong response to extortion attempts
- Immediate contact with your ISP
- Developing a Comprehensive Approach to DDoS Security
Insider Threats
Insider threats continue to infect organizations of all sizes. Experts estimate that insider threats are behind roughly 50 percent of data breaches, according to McKinsey & Company. Such incidents are usually driven by financial gain or negligence.
Though the thought process behind insider threats is gaining popularity within organizations, enterprises may not always be proactive as the majority of network security defenses are configured to protect from external threats.
Insider abuse can include but is not limited to:
- Remote access to sensitive data
- Unauthorized deletion of data
- Unauthorized access to shared folders
- Unapproved hardware/software
Organizations may find that those who already have legitimate, authorized access to sensitive data operate illicitly, many times with few or no limitations on their access and agency. This reality underlines the need for consistent monitoring of suspicious activity.
Cloud Security
The security behind legitimate cloud services is being co-opted. As more organizations gravitate toward the cloud for data storage and retrieval, hackers have found a way in. They use the same legitimate services but may have ulterior motives and can wreak havoc.
Organizations can be left vulnerable as they have come to trust common cloud platforms and take a reactive approach to any questionable activity. This comes at a huge cost to them in the form of downtime and leveraging resources to do damage control.
Several incidents have been reported in 2019, including one affecting the City of Tallahassee and resulting in an initial loss of $500,000 from the city’s human resources department. According to a May 2019 Tech Times article, a Dropbox link was used in a phishing scam from the email account of the city manager. The link contained a virus allowing hackers to infiltrate the payroll network and induce panic.
As Software-as-a-Service(SaaS) continues to grow, and services move to the cloud, organizations still need to be wary of policies and procedures that can in essence lead to a false sense of responsibility and security for data in the cloud.
Minimize Risk With File and System Integrity
For many in IT, network vulnerabilities might not be emerging risks but oversights. The continual challenge of maintaining compliance and maintaining the integrity of the enterprise IT infrastructure is not always standardized.
Utilizing file and system integrity monitoring software, specifically one with auditing capabilities, flexible response options, and automated detection processes may decrease the risk organizations face daily.
Network-wide file and system integrity monitoring can establish total accountability with audit trails that cannot be altered. It should also offer unique, advanced protection against threats by providing admins with the ability to restore systems and files to a prior state immediately.
To learn more about File Integrity Monitoring, download the Definitive Guide to File Integrity Monitoring today.
– Jacqueline von Ogden is the Director of Marketing and Communications at Cimcor, Inc., and she authored this original blog post.
Cimcor provides solutions for Real-time, File Integrity Monitoring, Network Configuration, and Compliance.
Sponsored by Cimcor
Founded in 1997, Cimcor is an industry leader in developing innovative security, integrity and compliance software solutions. The firm is on the front lines of global corporate, government and military initiatives to protect critical IT infrastructure and has consistently brought IT integrity innovations to market.
Cimcor’s flagship software product, CimTrak, helps organizations to monitor and protect a wide range of physical, network and virtual IT assets in real-time. Built around leading-edge file integrity monitoring capabilities, CimTrak gives organizations deep situational awareness including who is making changes, what is being changed, when changes are occurring, and how changes are being made. This, coupled with the ability to take instant action upon detection of change, gives organizations assurance that their IT assets are always in a secure and compliant state.
Cimcor is headquartered right outside of the Chicago, IL market with business operations worldwide.