The biggest security challenge facing individuals and businesses today isn’t scale. It’s hyperconnectivity. The various devices and applications being used in homes or at organizations have now become so intertwined that it’s hard to keep them separate. The cloud allows users to access data and information from any device with a Wi-Fi connection or data plan, and IT consumerization encourages those same users to download new applications and storage solutions to use and share across a wide variety of devices.
And while user-based devices, such as smartphones, tablets, or laptops, drive many of these interconnections, many connections are not user-based at all. IoT devices, for example, regularly initiate connections with no human intervention whatsoever. And as we all know by now, IoT devices often introduce a whole new set of vulnerabilities and risks into our networks.
But this is also about more than just those devices that reach out and share data or services. Entire networks are being connected, sometimes inadvertently as a result of hyperconnectivity. Increasingly, though, this is happening intentionally as a result of hyperconvergence, which is enabling things like smart cars and smart cities to work as complex, interconnected systems, but which is also compounding the complexity of the security challenge.
One result of our increased technology use is that it has opened up users and organizations to advanced cyber-risks that they are often poorly prepared to defend against. And now, with the crossover and sharing of devices, information, and networks, these risks are being compounded.
The result is that cybercriminals are working overtime to develop and deliver new exploits designed to target this new attack surface. The Q4 2017 Fortinet Threat Landscape Report, for example, reported that an average of 274 attacks were detected per surveyed firm, which is an alarming increase of 82 percent over the previous quarter. At the same time, the number of distinct malware families detected increased by 25 percent (to 3,317), with unique variants growing 19 percent (to 17,671).
These numbers not only show a dramatic growth in the volume of attacks, but also in the evolution of malware itself. If organizations want to protect their networks and data from the onslaught of attacks coming from compromised corporate and employee devices, it is essential that they begin to rethink their security strategies.
As connected devices and applications continue to become more and more critical components of our daily lives, the impact of poor security practices is having further-reaching consequences than ever before. For example, connecting a device to an infected home network and then taking that same device to work can set off a chain reaction of infection that could potentially lead to a breach of company and consumer data. And as internal networks continue to merge, and cross-organizational networks and data become more common, we are also seeing a dramatic escalation in the ability of attacks to spread globally, rather than just within a regional or vertical market.
The reality of this sort of threat is being realized in part as the result of the growth of in-home networks built around a variety of connected devices, from personal devices to entertainment systems to smart appliances and security systems. In fact, 1 in 5 American homes now contain 10 or more connected devices, and at the same time, higher numbers of employees are electing to work remotely more often and for longer periods of time. As a result, compromised personal devices and home networks are now frequently used by cybercriminals to not only steal personal data, but to also create IoT botnets, carry out DDoS attacks, deliver ransomware, and spread malware—all of which can have devastating effects on an organization.
As the world becomes more connected, strong cybersecurity practices at home and at work are more important than ever. As employers and individuals navigate this evolving landscape, here are several cyber-hygiene guidelines to keep in mind.
If you are considering purchasing or downloading a new device or application, whether it’s a new phone or a smart refrigerator, check to be sure it doesn’t also carry new security risks. This means going online and doing some research to ensure there are no known vulnerabilities for the device or, if there are, that they have been fully patched. Additionally, it’s important to know that a device or application will continue to be supported by the manufacturer, and whether you can count on them to release regular updates and patches.
Once you have done your homework, determined that the product does not represent a risk, and added it to your network, it is important to then add it to your device inventory. Establish an inventory of every connected device and application you use, both at home and at work. Then use that list to run a regular check on each one to ensure there have been no recent security incidents related to that product, that the latest patches have been installed, and that the manufacturer is still supporting them. This should also include any cloud-based services you use, which can help mitigate risks related to the use of shadow IT.
While these sorts of inventory reviews may require time, they are an important part of ensuring that one at-risk device doesn’t end up compromising your entire network, or other networks or devices that you connect to. Additionally, inventory reviews help remind us to remove data from unused or unwanted applications and then delete them. This same practice should also happen regularly on your smart devices, where apps have a tendency to accumulate and then pose a potential risk.
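The regular inventory check described above can be automated. The following is an added example, not part of the original article; the 90-day and 180-day thresholds, the field names, and the sample entries are assumptions made for illustration.

```python
from datetime import date
from typing import NamedTuple, Optional

MAX_PATCH_AGE_DAYS = 90   # assumed review policy, not from the article
MAX_IDLE_DAYS = 180       # assumed threshold for treating an item as unused

class Asset(NamedTuple):
    name: str
    last_patched: Optional[date]   # None: no patch on record
    support_ends: Optional[date]   # None: vendor has published no end date
    last_used: date

def review(asset, today):
    """Return the findings for one inventory entry (empty list: nothing to do)."""
    findings = []
    if asset.support_ends is None:
        findings.append("vendor support status unknown")
    elif asset.support_ends < today:
        findings.append("vendor support ended")
    if asset.last_patched is None:
        findings.append("no patch on record")
    elif (today - asset.last_patched).days > MAX_PATCH_AGE_DAYS:
        findings.append("last patch older than %d days" % MAX_PATCH_AGE_DAYS)
    if (today - asset.last_used).days > MAX_IDLE_DAYS:
        findings.append("unused: remove its data, then delete it")
    return findings

def review_inventory(inventory, today):
    """Map each asset that needs attention to its list of findings."""
    report = {}
    for asset in inventory:
        findings = review(asset, today)
        if findings:
            report[asset.name] = findings
    return report

# Constructed sample inventory: a home device, a work device and an old app.
SAMPLE_INVENTORY = [
    Asset("smart-tv", date(2017, 6, 1), date(2017, 12, 31), date(2018, 3, 30)),
    Asset("work-laptop", date(2018, 3, 15), date(2021, 1, 1), date(2018, 4, 1)),
    Asset("old-photo-app", None, None, date(2017, 5, 1)),
]

if __name__ == "__main__":
    report = review_inventory(SAMPLE_INVENTORY, date(2018, 4, 1))
    for name, findings in report.items():
        print(name + ": " + "; ".join(findings))
```

Checking for recent security incidents tied to a product still requires looking up the vendor's advisories, which this offline check does not do.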
When connecting to or storing sensitive data on personal devices, within applications, or on your network, it is important that you have security tools in place to detect and deter malware and cybercriminals. For home networks, this often means using a firewall and encryption. A firewall ensures that malicious traffic from compromised devices, applications, or websites that tries to enter your network is detected and stopped. Many modern wireless access points and endpoint security clients include firewalling, antivirus, antimalware, and other tools, and unless you are doing something unique, the default settings are usually adequate. However, this may be a good time to call on your local computer store or help desk to get some advice on best practices.
Connecting to public Wi-Fi is another common consumer practice that poses substantial risk to device and network security. If you have to leverage public Wi-Fi, you should be sure that any sensitive data or communications are encrypted and that you always use a VPN (virtual private network) tunnel when connecting a personal device to a corporate network.
Reusing passwords across multiple accounts makes you susceptible to account takeover or credential stuffing attacks. This is because if your password becomes compromised on one site, it is compromised on any others that use the same password. Of course, remembering usernames and passwords can quickly become complicated as we conduct more and more transactions online. So consider using a password management tool with its own unique password to help you keep track of your login data. Another option is to also enable two-factor authentication to ensure that only you can access your information. This functionality can be enabled across nearly all devices and email accounts.
Even with all the sophisticated malware and hacking techniques out there, email is still the number one way that devices and networks get compromised. Cybercriminals often try to scam their way into networks using phishing attacks or malicious emails posing as legitimate communications. To ensure security, never click on an unfamiliar link or attachment. Additionally, be sure to double-check that emails requesting sensitive information are actually coming from the person they claim to be from. Often, scammers will use almost the same email address as a well-known institution or authority figure, but with a slight misspelling or grammatical error, and the message links to a malicious file or compromised site where unsuspecting users are exposed to malicious content.
As cyberattacks become more sophisticated, consumers and employers have to be more aware of what devices and applications they use, where and to what they connect those devices, and where they store their data. This is especially true as devices, accounts, and even networks become more interconnected, resulting in sensitive data being kept in more places. As we move aggressively into the new digital economy, where data and connectivity are highly valuable resources, following the cyber hygiene guidelines listed above will help mitigate the growing risk of cyber compromise.
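The sender double-check described above can be done mechanically by comparing the sender's domain with the domains you actually deal with. This is an added example, not part of the original article; the trusted-domain list, the character substitutions, and the distance threshold of 2 are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Constructed allow list: the domains you really correspond with.
TRUSTED_DOMAINS = {"example-bank.com", "example.org"}

# Characters often swapped in to imitate a letter (assumed, not exhaustive).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def normalise(domain):
    """Fold visually confusable spellings onto one form ("rn" reads as "m")."""
    return domain.replace("rn", "m").translate(HOMOGLYPHS)

def classify_sender(from_header):
    """Return (verdict, imitated_domain) for the From header of a message."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("invalid", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    for trusted in sorted(TRUSTED_DOMAINS):
        if (normalise(domain) == normalise(trusted)
                or edit_distance(domain, trusted) <= 2):
            return ("lookalike", trusted)   # near miss: treat as suspicious
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample headers.
    for header in ("Example Bank <alerts@example-bank.com>",
                   "Example Bank <alerts@examp1e-bank.com>",
                   "Example Bank <alerts@example-bnak.com>",
                   "A Friend <friend@unrelated.net>"):
        print(header, "->", classify_sender(header))
```

A "lookalike" verdict means the display name and domain resemble a trusted sender without matching it, which is the case to verify through another channel before acting on the message.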
Check out our latest Quarterly Threat Landscape report for Q4 of 2017 for more details about recent threats.
This byline originally appeared in CSO.