Cyber Threat Analysis 27 Feb 2017

Analysis & Commentary on the Week’s Cyber Security Issues

The “so what” factor feeds and aggregators don’t give you.

Subscribe to the Cyber Threat Analysis Weekly

Developing Countries Show Malicious Hack Attack Growth

No one country or nation-state is immune from cybersecurity threats or other malicious hacker attacks. Many of these attacks are increasingly being launched by developing countries. Increased cybersecurity and data privacy regulations throughout  developed countries is causing the bad guys to move to the easier places to launch cyberattacks. Countries like Vietnam and Ukraine, which account for approximately 12% of the total malicious IP addresses, don’t have a robust data protection regime. Those that do often don’t have effective enforcement procedures.(Bloomberg BNA)

I’m shocked to find cybercrime happening here. There will always be parts of the world where the ‘rule of law’ is really more of a guideline. In those places cybercrime will thrive alongside all other forms of malicious and nefarious schemes. The complexity associated with tracking down online criminals works for both the criminals and those states where self-enrichment is a higher priority than strong governance. As long as “we don’t have the resources or expertise to find them” is a perfectly legitimate excuse, why would a kleptocracy or effectively failed-state care about your warrant?

Hacking Hasn’t Made a Big Impact on Online Shopping Habits

After a slew of data breaches at major companies, US internet users are worried about their digital privacy. But not so worried as to significantly change the way they shop. A January 2017 survey conducted by Blumberg Capital found a variety of responses to concerns about hacking, but only a small minority of internet users (19%) said they had actually cut back on shopping digitally. (eMarketer)

When its cheap and easy to make people whole, why bother working harder? Of course no one notices the $.0001 increase in fees and prices in the fine print, which means victims pay for their pwnage twice. Functionality and convenience will always trump security and privacy, until a sufficiently tragic event demonstrates the foolishness of kicking the can down the road. Until a more secure online shopping experience is as friction-less as the online shopping experience itself, don’t expect a change in the status quo.

Healthcare data breaches ‘mostly caused by insiders’

Targeting healthcare organizations remains about as easy as shooting fish in a barrel. The industry has one of the lowest rates of data encryption and the security culture is severely lacking. Employee education remains poor, leading to a lot of costly mistakes in how patient data is handled. Two new reports show that the number of privacy violations in healthcare organizations remains high, and that clueless or malicious insiders are a huge problem left unchecked. (Naked Security)

The importance of culture cannot be underestimated. In a life and death environment, there are higher priorities than password length and complexity. Approaches to security that work in generic office environments fail to take into account the challenges of the healthcare environment. The most effective way to drive change in such environments it to imbue into staff the long-term impact of a security failure can have on a patient’s life. They might leave the hospital healthy, only to suffer a lifetime of identity theft and financial fraud. Security in sufficiently challenging environments may not look like it does in a bank, but as long as it functions effectively we should consider that a yard gained.

Survey: Most Hackers Break in Within Six Hours

A survey of 70 professional hackers and penetration testers has found that 60% of them take a maximum of just six hours to compromise a target. And 17% among them took just two hours to gain entry. Another 28% took between six and 12 hours to break down the locks. (ITWire)

Cue someone arguing how attackers only have to be right once. A clear sign that person has no idea how hard offense is in the real world. Offense looks easier because defense in most organizations is so woefully inadequate. As a matter of fact, attackers have to be right many times, and in series. Focusing your efforts on rapid and precise detection, and rapid response, is what will help reduce – if not outright thwart – the impact of an attack.

Cyber Tops List of Threats to Business Continuity

Cyber attack is once again the top threat perceived by businesses, according to research by the Business Continuity Institute. 80% of organizations are either ‘extremely concerned’ or ‘concerned’ about the possibility of a cyber attack, according to the research. The threat of a data breach remains in second place (81%), while unplanned IT and telecom outage stays in third place (80%). (Security Magazine)

Its not just a security issue, its a business issue. Particularly in the age of ransomware, it takes very little to bring a company to its knees, both because of the initial event, as well as the costs associated with getting back to business. The strength of your cyber security efforts is rooted in planning, and ensuring you delve down deep enough and widely enough to consider the full implications of a security failure. This is an issue that is too important to leave to the nerds. It requires an inter-disciplinary effort and support from the top in order to succeed. Just as important is its practicality: In an emergency no one is going to read 100 pages of flowery prose.