Simplify and cooperate to beat back the cybercrime wave

Complexity, recent data breaches, and perceived urgency are creating opportunities for online criminals.
Written by Anthony Caruana, Contributor

Perhaps the most significant challenge facing businesses today is information security. In one sense, it could be argued that enterprise security's biggest enemy, and threat actors' biggest opportunity, comes from complexity. As the number of applications and their locations has multiplied, and as cloud systems have become increasingly popular, so has the number of attack surfaces and potential vulnerabilities companies are exposed to.

"It's changed traffic patterns, behaviours, network architectures. All the traffic is, or most of the traffic, is going to the cloud now," said Scott Raynovich from independent research firm Futuriom at the recent NetEvents forum held in San Jose.

"It used to be in a self-contained world of a corporate WAN or a LAN and now everybody's hitting things in the cloud."

With security challenges now spanning end-points, containers, SaaS applications and the data centre, CISOs literally have hundreds of tools to choose from and need to evaluate hundreds of potential problems.

One approach businesses take is to invoke a zero trust policy where no user or device is considered to be safe.

Infosec researcher Ted Ross suggests that zero trust needs to extend to people you think you know, such as employees and customers.

"Zero trust to us also means that at work, you don't trust your employees logging in," he said.

"How do you know when somebody logs in that it's actually your employee? Furthermore, when a customer logs in to your website, how do you know it's actually your customer?"

With user accounts compromised through massive data breaches, he said account takeover remains a significant threat due to username and password reuse.

Business email compromise is now the most reported type of cybercrime to the FBI, and enterprises need to be on the ball when it comes to attacks using a combination of email and social engineering.

"We have a list of things that we try to tell people to look for. One of the first things that we have to educate employees to look for is the sense of urgency," Michael Levin, formerly of the Secret Service and current CEO of the Centre for Information Security Awareness, said.

"Nine times out of 10, when there's this sense of urgency, it forces people to make decisions very quickly and it often results in a fraud. So, we tell them, if you have that sense of urgency, like the executive that is emailing, there needs to be a phone call."

Tom Edwards, a serving member of the US Secret Service's Department of Homeland Security, said one potential remedy to this comes through greater cooperation between parties fighting against cybercrime.

"It takes a lot of players, a lot of partners, both in the public and private sector," he said.

"If we're not sharing information about the latest cyber threats, and there isn't that synergy between government and industry, then we're losing the battle against cybercrime. We're learning that the hard way, with mounting losses."

With the number of different systems we use increasing -- the majority of large companies are now considered multi-cloud -- people are under more pressure to access systems from anywhere and at any time. A sense of psychological urgency is invoked when we receive email or texts from specific sources, and billions of user credentials have been stolen over recent years.

All those factors have come together to create a massive opportunity for cybercriminals. But through user education, constant monitoring for when stolen credentials are accessed, and by cooperating with our peers and law enforcement, it is possible to make life a lot harder for threat actors.

Anthony Caruana attended the NetEvents Global Summit as a guest of NetEvents.
