Preventing the Next Cyberattack
The outbreaks of WannaCry and Petya as well as large breaches such as the HBO leak and Equifax illustrated the huge global impact and devastation that can be caused by modern cyberattacks. Today’s threat actors have more powerful and destructive tools at their disposal than ever before.
Check Point’s report “The Next Cyber Attack Can Be Prevented” discusses the growing threats and provides guidelines for the approach that organisations should take and technologies they should use in order to prevent the next attack.
A Wakeup Call
In today’s modern world, people’s information and transactions are completely digitised. Whilst this incredible technology holds huge opportunities, it also means that organisations are more vulnerable and more exposed than ever before. The two massive cyberattacks in May and June 2017 demonstrated this fragility by paralysing companies across the world and causing huge financial losses.
Cyberattacks continue to grow at an alarming rate in volume, sophistication and impact. As of May 2017, Check Point products detected over 17 million attacks each week. More than half of these attacks include payloads that are unknown at the time of detection and cannot be detected by conventional signature-based technology.
In this age of super-powered cybercrime, the need to protect against advanced attacks is more essential than ever, and companies must utilise cutting-edge technologies in order to remain protected.
How To Prevent The Next Attack
1. Maintain Security Hygiene
- Patching – Attacks commonly penetrate by leveraging known vulnerabilities for which a patch exists but has not been applied. Organisations should strive to make sure up-to-date security patches are maintained.
- Segmentation – Apply strong firewalls and IPS safeguards between the network segments in order to prevent infections from propagating across the entire network.
- Review – Security products’ policies must be carefully reviewed, and incident logs and alerts should be continuously monitored.
- Audit – Routine audits and penetration testing should be conducted across all systems.
- Principle of least privilege – User and software privileges should be kept to a minimum. Consider whether it’s necessary for all users to have local admin on their PCs.
2. Choosing Prevention Over Detection
- Companies often claim that attacks will happen either way and that there is no way to avoid them, so the only thing left to do is to invest in technology that detects the attack once it has already breached the network and to mitigate the damage as soon as possible.
BUT THIS IS SIMPLY NOT TRUE!
- Not only can attacks be blocked, but zero-day attacks and unknown malware are also preventable. With the right technologies in place, even the most advanced attacks can be prevented without disrupting the normal business flow.
3. Leveraging a Complete Unified Architecture
- Many companies attempt to build their security using a patchwork of point products from multiple vendors. However, this approach almost always fails because the technologies are disjointed and therefore don’t collaborate. This creates gaps in the security and introduces a huge overhead of working with multiple systems and vendors.
- This inefficient approach means that many attacks are not prevented, forcing organisations to invest more in post-infection and breach mitigation.
- Companies should adopt a unified multi-layer approach that protects all IT elements, including networks, endpoints, cloud and mobile, all sharing the same prevention architecture and the same threat intelligence.
4. Covering All Attack Vectors
Attackers use many malicious tricks to penetrate. The top vectors include:
- E-Mail or Text Message
Sending an email or text message with a malicious attachment or a malicious link.
- Web Browsing
Compromising the user’s browser (typically through exploit kits) or tricking a user into downloading and opening a malicious link.
- Server and Systems Exploitation
Infecting by exploiting unpatched vulnerabilities in any online host.
- Mobile Apps
One of the most common sources for compromising mobile devices is through mobile apps.
- External Storage
Physically mounted drives allow malicious files to enter without even traversing the network.
To achieve effective coverage, organisations should seek a single solution that can cover all bases, one that provides broad prevention across all surfaces of attack, including mail, web browsing, systems exploitation, external storage, mobile apps and more.
5. Implementing the Most Advanced Technologies
Attack techniques are diverse and constantly evolving. There is no silver-bullet single technology that can protect from all threats and all threat vectors.
There are many great technologies and ideas available, each of which can be highly effective in specific scenarios, covering specific file types or attack vectors. A strong solution is one that integrates a wide range of technologies and innovations in order to effectively combat modern attacks in IT environments.
Prevention is Key!
In order to truly combat the next threats, organisations must take a proactive approach, utilising advanced technologies that can prevent even the most evasive zero-day attacks. Companies should seek to adopt a proven unified solution, which offers a broad multi-layered cyber protection architecture, implemented across their entire IT infrastructure and covering all attack vectors.
How Mobliciti can help
Mobliciti offer a range of threat prevention technologies for both mobile and cloud. Our solutions are best-of-breed and can protect against the next generation of cyberattacks. Get in touch to find out more.