No target too small, no industry untouched

Automated attacks don't care how big or small your company and industry are.

While headlines warning of breaches, attacks and malware are becoming more commonplace, many business leaders still hold fast to the idea that the big one – whether it’s a DDoS attack or ransomware or the like – won’t happen to them.

Maybe it’s the ebb and flow of those worst cases – exposures threatening millions of individuals – and the fact that months can pass between large-scale attacks that lull us into a false sense of security.

But here’s a sobering thought: every second, potential cyber victims are hit with roughly 15,000 malware attempts, 15,000 phishing attempts and 8,000 scans for known vulnerabilities or exposures.

So, while we may not always see them, cyberattacks are nevertheless ongoing. In fact, we’re witnessing a sharp and sustained increase in attacks over the public internet just within 2017.

Attacks are on autopilot

A recent Incapsula report found more than 50 percent of all web traffic is botnet traffic, rather than traffic initiated by human beings. While roughly 23 percent of botnet traffic is attributed to “good” bots like search engines and feed fetchers, approximately 29 percent of bot traffic is classified as the handiwork of bad actors or automated systems scanning for exposures.  

In the last month or so alone, automated attacks hit some honeypots upwards of 750,000 times in a single day.

In other words, the bad guys don’t even have to keep their fingers on their keyboards to successfully infiltrate as many networks and machines as possible; their bots are doing it for them.

Are you a target? (Hint: the answer is yes)

Business leaders, regardless of industry or the size of their operations, should not assume they’re safe because someone else appears to be a better target. In this new cyber reality, everyone is a target. And it may be surprising to know just how big of a target you might be.

Here are some notable findings based on our recent threat intelligence over a rolling 30-day average:

5 top industries hit with malware

  1. Professional scientific and tech services (such as tech consulting firms)
  2. Education
  3. Manufacturing
  4. Retail (including clothing, food and hardware)
  5. Healthcare

While this short list represents a fairly broad and seemingly random section of the economy, each of these industries tends to have high-value targets – either infrastructure or data – and more public infrastructure that can be exposed. Businesses in these industries should take stock of their network security measures to fend off potential malware.

5 top industries hit with phishing attempts

  1. Information firms
  2. Construction firms
  3. Utilities (power, especially)
  4. Supply chain management (organizations that provide supply chain services to others)
  5. Entertainment

Normally, we’d expect to see a strong correlation between businesses victimized by phishing and malware, but increasingly, that’s no longer the case. Organizations on this list may have less public-facing infrastructure than those in other industries – or they may already be inherently more secure, so bad actors are targeting the weakest link to gain unauthorized access to the enterprise: employees. This is why frequent and comprehensive employee education on phishing is so important.

Now what?

If, like me, you expected to see more critical infrastructure organizations – beyond supply chain and utilities – topping these lists, that’s proof enough that all businesses should be on alert for the next attack, which could very well be right around the proverbial corner. But how?

My advice to businesses, no matter their size or industry, is to embrace the boring! Focus on the logistical basics of security, which can provide significant uplift in ensuring the integrity of the enterprise. For example:

  • Know what you are protecting. What data is important to your company that could be a target? What systems does that data reside on?
  • Audit your systems. Regularly audit those systems to ensure they are staying patched and protected. Ensure you know who accesses those systems and the data, and how.
  • Patch early and often! A recent study published by Voke found lack of timely patches accounts for 80 percent of breaches.
  • Never stop monitoring. Monitor your systems for unusual or unauthorized access. Make sure you can detect when someone or something is attempting to violate the security controls of your network.

The real work of security – training, patching and monitoring – is pretty boring. But that’s still the best way to avoid becoming a cyber victim. 

Copyright © 2017 IDG Communications, Inc.