Learn about the threats that are coming our way. Get ready with CISCO UMBRELLA
The big security threats in 2018
We are preparing for an action-packed 2018. Incidents like the WannaCry attack, which affected over 200,000 computers worldwide in May 2017, are merely a warm-up for a new year of more virulent malware and DDoS attacks. Get ready with CISCO UMBRELLA
We find ourselves with a large number of devices connected to the Internet “Internet of Things”. We are not aware of their effect on our network. A printer? A sensor on my production line? Smart TV? These are weak points in the security of your network and seriously affect your business. It has no limits, it happens in companies as well as in homes.
According to various security studies the main threats we will encounter in 2018 are:
1.- Malware will be triggered without files and with light files.
Fileless and low-file-load malware will pose a significant threat.
2.- Cloud software security will continue to be a challenge.
SaaS adoption continues to grow rapidly as organizations embark on digital transformation projects to drive business agility.
3.- Ransomware, now against home devices.
This is a type of malware attack in which the victim’s computer or device is locked or all information is encrypted until a ransom is paid. They take advantage of the massive increase in the number of connected home devices. Users are generally unaware of threats against smart TVs, smart toys and other smart devices, which are an attractive target for cybercriminals.
4.- IoT devices will be hijacked and used in DDoS attacks.
Last year saw massive DDoS attacks using hundreds of thousands of compromised Internet of Things (IoT) devices in homes and workplaces. Criminals will exploit poor security configurations and management of home IoT devices.
5.- IoT devices will give persistent access to home networks.
Home IoT devices will be used by criminals to provide network access. Home users often do not consider the security of their IoT devices in the home; therefore, they leave the default settings and do not update them, as they do with their computers. The attacker will always have a backdoor into the victim’s network and the systems they connect to.
6.- Financial Trojans will continue to be very profitable.
Financial Trojans are among the first pieces of malware monetized by cybercriminals. From their beginnings as simple financial data collection tools, they have evolved into advanced attack schemes that target multiple banks, send hidden transactions.The move to app-based mobile banking has reduced some of the effectiveness, but cybercriminals are rapidly moving their attacks to these platforms. And criminals’ profits from financial Trojans are expected to grow, bringing them greater profits even than ransomware.
7.- Risks in infrastructure as a service (IaaS).
Infrastructure as a Service (IaaS) has changed the way organizations run their operations, offering huge benefits in agility, scalability, innovation and security. But it also presents risks, with simple mistakes that can expose a large amount of data and bring down entire systems.
Security in cloud software will continue to be a challenge.
Digital transformation is driving the adoption of SaaS (Software as a Service). But this presents many security challenges, as access control, data control, user behavior and data encryption vary significantly between SaaS applications.
9.- Attacks on the supply chain are increasing in speed and complexity.
Large companies often have very secure networks, but their suppliers, contractors and customers do not necessarily. With publicly available information on technology, suppliers, contractors, partnerships and key personnel, cybercriminals can find and attack weak links in the supply chain.
10.- Criminals will use artificial intelligence and machine learning.
Until now, artificial intelligence (AI) and machine learning (ML) had been used as protection and detection mechanisms. But this will change in 2018, as cybercriminals will use AI and ML to carry out attacks.
What is the current situation in our companies?
- 25% of our traffic does not pass through our security perimeter.
A connected printer, sensors in my company… these are devices that I do not control easily and in most cases we do not know the traffic they generate, they are attackable points.
- 49% of our employees are mobile.
A worker connected to the wifi of a hotel, restaurant, airport…. is a potential threat.
- 82% of VPN users admit that they do NOT use VPN.
They only use it to access applications on the company’s network.
- 70% increase in the use of SaaS applications.
- 70% of companies in multi-site environments have non-centralized Internet access.
Having non-centralized and independent Internet access in each of our branches and/or remote users and not providing them all with the same level of security.
Therefore, we can say that the current situation of our companies is that ” A large part of my processes and data go outside my corporate network”.
CISCO UMBRELLA Solution
What is CISCO UMBRELLA?
It is a Cloud security platform that provides the first line of defense against Internet threats wherever users are located.
Security solution that relies on DNS requests.
- Simple to deploy.
- Evolves with threats.
- Browser-based interface provides quick configuration and ongoing management.
- Provides visibility into the Internet activity of all devices even when users are outside their corporate network.
What is included?
- Cisco Umbrella provides complete visibility into Internet activity across all locations, devices and users.
- Blocks threats before they reach your network or endpoints.
- Protection against threats like no other: malware blocking, Call2back and phishing.
- Predictive intelligence: automates threat protection by discovering attacks before they are launched.
- Worldwide coverage in minutes: no hardware to install or software to maintain.
- Security reports: get a personalized summary of malicious requests and more, right in your inbox.
Additional recommendations:
- Confirm that corporate policies and practices for application patching and operating system patching are followed.
- Perform deeper and more advanced security analysis.
- Back up data frequently and test restore procedures.
- Conduct a security analysis of the microservice, cloud service and application management systems.
Strategic security enhancements, as never before, and investments in technology must be made to incorporate best practices to reduce exposure to emerging risks.
CISCO UMBRELLA: Cloud security platform that provides the first line of defense against Internet threats wherever users are located.
