Expanding a business’ digital footprint has its tremendous advantages. However, it also comes with inevitable risks. Knowing these risks and cybersecurity threats together with the proper solutions can help organizatons be properly educated to ensure the safety of all its sensitive data and resources.
As part of its #makeITsafePH cybersecurity campaign, Globe Business, the information and communications technology arm of Globe Telecom shares the top five cyber threats that business should be looking out for:
Ransomware is a threat that has evolved from invading home or office systems to the cloud. According to MIT Technology Review (www.technologyreview.com), “One big target in 2018 will be cloud computing businesses which house mountains of data for companies. Some also run consumer services such as e-mail and photo libraries.”
Ransomware growth in 2017 topped 2,500%, hitting hospitals, private businesses, and individual users. A major concern about ransomware attacks is that it is not limited to personal computers running Windows. Hackers are also targeting Macs and Linux PCs.
Phishing attacks through social engineering is another major threat, this time with individuals as main targets. Hackers use more complex manipulation methods in getting vital information from people who are already confident of their company’s IT security. Continuous security education and awareness should also evolve in the workplace.
The rising popularity of cryptocurrencies is another trend that concerns online security officers of big businesses. The threat brought about by it is stealing a hardware’s computing power. Hackers will compromise vulnerable systems by targeting its processing capabilities and mining them for cryptocurrencies.
Another threat involves cyber-physical attacks or the hacking of electrical grids, transportation systems, and critical infrastructure in many countries worldwide.
Meanwhile, the use of password alternatives like multi-factor authentication (MFA) or risk-based authentication will become a trend among many companies. According to International Data Group’s companion website CSO Online (www.csoonline.com), many breaches of sensitive online information is due to password-only authentication that’s becoming easy targets for hackers. Companies want to increase online security by implementing MFAs or risk-based authentication and this may lead to the decline of password-only authentication use.
“These days, it is hard to think of a business that is not present online. Advancements in technology have opened doors for enterprises to rely heavily on the internet. However, with almost everyone having access to the Internet, risks of being breached are at an all-time high. This is why we aim to assist enterprises in providing client protection by offering cutting-edge online security solutions,” says Peter Manquera, SVP for Globe Enterprise Group.
“Businesses need to be proactive in combatting threats not only to protect their data, but also to make customers feel safe. Security never ends after an attack,” he added.
To prevent becoming victims of cybersecurity threats, Globe myBusiness has come up with cost-effective tailor-made solutions which allow businesses to mitigate security threats before they happen. Among these solutions are: Anti-DDOS (distributed denial-of-service) which protects online services by keeping servers up and running; Managed Enterprise Firewall for real-time visibility that allows quick identification and validation of potential threats to the network; and Secure Email Gateway Cloud which eliminates threats before they reach the network and provides centralized email security for all environments, among others.
Also, through the #makeITsafePH campaign, the company provides practical tips and easy-to-digest information about the various threats an organization may face. With this, every client is fully informed and aware of the responsibilities to protect their organization. To know more about cybersecurity efforts of Globe Business, please visit http://business.globe.com.ph/solutions/cybersecurity.html.
Massive DDOS attack vector found
Content-delivery network services provider Akamai has sent out an alert: “A new DDoS reflection attack vector has been identified.” The media and software delivery and cloud security provider said in an email sent to technology journalists.
Akamai identified the massive, 1.36 Tbps attack as the largest DDOS attack it has ever seen and said it contained user data protocol (UDP) reflection attacks coming from exposed memory in key value (memcached) servers. “There are currently more than ~90,000 known vulnerable systems exposed at this time.
Akamai is the leading content delivery network (CDN) services provider for media and software delivery, and cloud security solutions,” Akamai said in its bulletin. The firm also said it “mitigated the attack using Prolexic.”
“Attacks of this size cannot be easily defended against by data center solutions, and require organizations to offload the attacks to cloud based DDoS protection services [that] have the scale and distribution to handle the scale of such attacks.”
Akamai also warned that organizations “need to be prepared for these massive DDoS attacks using UDP reflection and should plan accordingly.” Most DDoS mitigation services, Akamai said, “cannot withstand this size of attack, and based on SLAs (service-level agreements), are known to blackhole customer traffic, which we have seen with customers who have come to Akamai following such an experience.”
According to the Akamai blog, “memcached is a tool meant to cache data and reduce strain on heavier data stores, like disk or databases. The protocol allows the server to be queried for information about key value stores and is only intended to be used on systems that are not exposed to the Internet.
There is no authentication required with memcached. When this is added to the ability to spoof IP addresses of UDP traffic, the protocol can be easily abused as a reflector when it is exposed to the Internet. Akamai has seen multiple attacks, some in excess of 190 Gbps, with the potential for much larger attacks.”
This protocol was “never meant to be exposed to the internet,” the blog noted, “but there are currently more than 50,000 known vulnerable systems exposed at the time of this writing.”