Cybersecurity Firms Issue Annual Threat Reports

BakerHostetler

CrowdStrike, FireEye and IBM Security recently released their annual threat reports. These reports contain a wealth of information on recent trends in cybersecurity attacks and recommendations on the preventive measures companies can take to protect themselves. As attackers’ tactics, techniques and procedures continue to evolve, and as the attack surface of organizations continues to grow, it is increasingly important that companies stay up to date on these matters.

According to the reports’ authors, 2018 saw some notable changes in attackers’ focus and methodologies. Attackers are increasingly “living off the land” by using common tools already existing on systems to achieve their goals. Scripting techniques, including PowerShell, the command-line interface and similar tools, have moved to the fore as a favored approach of attackers, reducing the efficacy of traditional methods of protection. Phishing attempts, including those involving business email compromise scams, and misconfigured systems, servers and cloud environments continue to present some of the largest risks of compromise to organizations. Indeed, based on a 2018 survey, one researcher concluded that misconfigurations represent the single biggest risk to cloud security. Attackers are also targeting suppliers and other third-party providers, broadening organizations’ potential exposure. Ransomware, while still popular, is being overtaken by mineware, or “cryptojacking,” as a vehicle for generating financial gain.

To reduce the risks posed by these developments, the authors recommended that organizations take the following actions, among others:

  • continue user awareness training and test campaigns with updated phishing techniques to educate their workforces;
  • enable multifactor authentication on O365;
  • enable audit logging on O365;
  • implement a robust privilege access management process, which will limit the damage that attackers can inflict if they do gain access to an organization’s systems and will limit the attackers’ ability to move laterally;
  • check and monitor settings on cloud service architecture and not maintain default settings; and
  • thoroughly vet third-party providers before they are engaged to ensure that they have robust security programs and continuously monitor them for compliance throughout the life of the business relationship.

Copies of the reports can be found here:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© BakerHostetler | Attorney Advertising

Written by:

BakerHostetler