Submitted by CyberHub Summit on Fri, 03/29/2019 - 10:05
Three Huge Cyber Security Threats
Three Huge Cyber Security Threats

Cyber penetrations: the threats keep on coming, as do the countless corporate and individual victims. Whilst we battle the long hard fight against cyber penetration, the responsibility to self-educate lies in the hands of the consumer. The more you learn, the more you can prepare. 

Learn more about the current top three threats and decide how you want to stay protected.   

  1. Cloud weaknesses

As our reliance on the cloud to store our data increases, so does the risk of a serious cyber breach on cloud services, to hackers, lots of data means lots of money. 

There is a somewhat false sense of security when it comes to cloud data protection and many companies wrongfully feel that because they have a software solution they are ‘safe’. 

Unfortunately, without taking a few more steps which will obviously incur expenses, such as backing up files across multiple cloud accounts, using hardcore passwords, two factor authentication and purchasing cyber insurance, you are simply pushing the cyber risk to a place where you can’t see it.

The biggest threat

The risk of cloud storage is really synonymous with the threat to privacy. Whilst it is less likely that your data will be stolen, it still has a huge chance of being viewed, especially if passwords are weak. 

[ Join our community and receive quality content with the CyberHub Engage Newsletter ]

The biggest example

The Great iCloud Hack of 2014, where almost 500 nude pictures of celebrities were accessed and published online. These were posted on the imageboard 4chan and distributed through Imgur and Reddit. These were stolen through spear phishing attacks.

  1. Third party exposure

Huge changes are taking place in third party liability in online financial transactions, however, using third parties for services, does not clear the seller of responsibility for data breaches. Companies wrongfully believe that because they do not directly handle sensitive data, they aren’t potential targets, unfortunately, this is not the case.

The biggest threat 

Cyber insurance coverage, hackers can infect third party vendors with malware and steal data, yet the seller is still liable. 

The biggest example 

Still one of the worst attacks, was when they targeted Target. Back in 2013, this massive breach compromised the credit card details of up to 110 million people.

Target claimed that hackers gained access through a third-party HVAC vender to its point-of-sale (POS) card readers.  Target’s CIO resigned in March 2014, and its CEO resigned in May. The company estimated the cost of the breach at $162 million.

  1. BEC
    Business E-mail Compromise attacks or whaling, is a huge concern today. This type of corporate infiltration is deeply clandestine and unnervingly personal. It involves hackers using an employee to gain access to your data through a scam or deception of some sort and it is highly varied and becoming increasingly sophisticated.

An FBI report has claimed that these types of attacks between 2016-18 amounted to global losses of $12.5 billion, with 25% occurring in the US. Nearly one quarter of those losses occurred within the U.S.

The biggest threat 

Business email compromise attacks require little to no tech sophistication.  The CyberHub Academy Research Team state that a recent successful BEC campaign targeting the oil-and-gas industry was carried out by a single person, who wasn’t particularly highly skilled or using advanced malware.

Basically, anyone who can use a keylogging application and wants to spend the time creating fake yahoo accounts can start trying to infiltrate businesses.

Protection against BEC attacks

  1. Email authentication, so that only sanctioned senders can send email messages through your domain. This is something that will soon become part of standard practice anyway.
  2. Use an effective secure email gateway (SEG) to prevent incoming messages with suspicious content 
  3. Educate staff to recognize basic phishing messages that make it through your security net.

[ Join our community and receive quality content with the CyberHub Engage Newsletter ]