Learn about the threats that are coming our way. Get ready with CISCO UMBRELLA.Maria Cruz Alcocer
Learn about the threats that are coming our way. Get ready with CISCO UMBRELLA
The big security threats in 2018
We are gearing up for an action-packed 2018. Incidents like the WannaCry attack, which affected more than 200,000 computers worldwide in May 2017, are just the heating up of a new year of more virulent malware and DDoS attacks. Get ready with CISCO UMBRELLA
We find a large number of devices connected to the Internet “Internet of Things”. We are not aware of its effect on our network. A printer? A sensor in my production line? Smart TV? They are weak points within the security of your network and that seriously affect your business. It has no limits, it occurs both in companies and in homes.
According to various security studies, the main threats that we will encounter in 2018 are:
1.- Fileless and lightweight file malware will be triggered.
Fileless and low file load malware will pose a significant threat.
2.- Software security in the cloud will continue to be a challenge.
SaaS adoption continues to grow rapidly, as organizations embark on digital transformation projects to drive business agility.
3.- Ransomware, now against home devices.
This is a type of malware attack in which the victim’s computer or device locks or encrypts all their information, until the victim pays a ransom. They take advantage of the massive increase in connected home devices. Users are generally unaware of threats against smart TVs, smart toys, and other smart devices, which are an attractive target for cybercriminals.
4.- IoT devices will be hijacked and used in DDoS attacks.
The past year saw massive DDoS attacks using hundreds of thousands of compromised Internet of Things (IoT) devices in homes and workplaces. Criminals will exploit poor security settings and handling of home IoT devices.
5.- IoT devices will give persistent access to home networks.
IoT devices in the home will be used by criminals to provide access to the network. Home users often do not consider the security of their IoT devices at home; therefore, they leave the default configuration and do not update it, as they do with their computers. The attacker will always have a backdoor in the victim’s network and the systems to which it connects.
6.- Financial Trojans will continue to be very profitable.
Financial Trojans are among the first pieces of malware to be monetized by cybercriminals. From their beginnings as simple financial data collection tools, they have evolved into advanced attack schemes that target multiple banks, send stealth transactions. The move to app-based mobile banking has reduced some of the effectiveness, but cybercriminals are moving their attacks quickly on these platforms. And criminals’ profits from financial Trojans are expected to grow, giving them higher profits even than ransomware.
7.- Risks in infrastructure as a service (IaaS).
Infrastructure as a Service (IaaS) has changed the way organizations run their operations, delivering huge benefits in agility, scalability, innovation, and security. But it also comes with risks, with simple mistakes that can expose a large amount of data and wipe out entire systems.
8.- Software security in the cloud will continue to be a challenge.
Digital transformation drives the adoption of SaaS (Software as a Service). But this presents many security challenges, as access control, data control, user behavior, and data encryption vary significantly between SaaS applications.
9.- Attacks on the supply chain increase in speed and complexity.
Large companies often have very secure networks, but their suppliers, contractors, and customers do not necessarily. With publicly available information on technology, vendors, contractors, associations and key personnel, cybercriminals can find and attack weak links in the supply chain.
10.- Criminals will use artificial intelligence and machine learning.
Until now, artificial intelligence (AI) and machine learning (Machine Learning) have been used as protection and detection mechanisms. But this will change in 2018 as cybercriminals will use AI and ML to carry out attacks.
What is the current situation in our companies?
- 25% of our traffic bypasses our security perimeter.
A connected printer, sensors in my company … are devices that I do not control easily and in most cases we do not know the traffic they generate, they are attackable points.
- 49% of our workers are mobile .
A worker connected to the wifi of a hotel, restaurant, airport … it is a potential threat.
- 82% of VPN users admit that they are NOT using the VPN.
They only use it to access applications found on the company network.
- 70% increase in the use of SaaS applications.
- 70% of companies in multi-site environments have non-centralized internet access.
Having non-centralized and independent internet access in each of our delegations and / or remote users and not providing all of them with the same level of security.
For all this we can say that the current situation of our companies is that “Much of my processes and my data go outside my corporate network”
CISCO UMBRELLA solution
What is CISCO UMBRELLA?
It is a cloud security platform that offers the first line of defense against Internet threats wherever users are.
Security solution that relies on DNS requests.
- Simple to deploy.
- Evolve with threats.
- The browser-based interface provides quick setup and ongoing management.
- Provides visibility into Internet activity for all devices even when users are outside of your corporate network.
What is included?
- Cisco Umbrella provides complete visibility into Internet activity for all locations, devices, and users.
- Block threats before they reach your network or endpoints.
- Threat protection like no other: malware blocking, Call2back callbacks, and phishing.
- Predictive intelligence: automate threat protection by discovering attacks before they go live.
- Worldwide coverage in minutes – no hardware to install or software to maintain.
- Security Reports – Get a personalized summary of malicious requests and more, right to your inbox.
- Confirm compliance with corporate policies and practices for patching applications and for the operating system.
- Perform deeper and more advanced security analysis.
- Back up your data frequently and try the restore procedures.
- Perform a security analysis of the microservice, cloud service, and application management systems.
Strategic security enhancements must be made, like never before, and investments in technology to incorporate best practices to reduce exposure to emerging risks.
CISCO UMBRELLA: Platform of cloud security offering the first line of defense against Internet threats wherever users are.