May 3, 2017

Attacker Trends: Top 3 Security Measures for Secure Networks

Hackers target businesses every day, and they’re making a lot of money doing it. Numerous reports, including one from CNBC1, last year put the annual cost of cyber-crime to businesses worldwide at more than $400 billion.  With these attacks proving so lucrative, hackers are stepping up their game, so businesses must redouble their efforts to lock down their data. 

I addressed trends in hacker behavior recently in the XO Communications webinar, "Beyond Firewalls: Top 3 Security Actions for Your Network." The bottom line was that companies need to firmly embrace layers of defense to establish safeguards well beyond the firewall.

This means implementing defenses, and data-recovery measures, with the assumption that even the strongest firewall will be breached. 

I based the webinar discussion on three critical steps underlying a framework for preventing, defending against and mitigating cyber-criminal activity.

  • Step 1: Determine your most valuable assets that hackers are seeking. If your business is health care, for example, and your company website includes a retail feature, you're working with assets that are highly attractive to hackers: health data. In many locations on the dark web where stolen data is traded and sold, health information is more valuable than credit card numbers. Why? Credit card fraud can be detected, and cards deactivated, relatively quickly and easily. Health data has a much longer shelf life, and theft typically is far more difficult to discover. 

    If your business is professional services or technology, your entire corporate value may be based on intellectual property. In this case, your files and research are priceless. This intellectual property also represents a high-dollar opportunity for hackers.
     
    No matter your line of business, it’s important to know the exact server location of all your business-critical data, and maintain separation between servers... This is important because hacker tools can allow malware to be introduced into one server, perhaps via an infected flash drive or malware in a download, and spread across all your systems like wildfire. If you believe your critical data is safe because it's separate from your primary e-commerce platform, you might be surprised by what the latest hacker tools can do.
     
  • Step 2: Create a plan to segment networks and users so that the assets determined in step 1 are not easily accessible. Firewalls are critical, but think about what could happen if an employee were to take a company laptop home, click on an infected link, then reconnect to the network at the office in the morning. The infection is now inside the firewall. Moreover, hackers can guide ransomware and other intrusions via email, image files and fraudulent offers with surprising precision, thanks to social media. It's dangerously easy for a determined hacker to get inside your firewall. 

    Segmentation of users and the networks offsets this attack vector. Whether the employee is a new hire straight out of school or the CEO, he or she should have access only to the network services needed to get the job done. Critical systems must also be carefully protected through constantly updated security software. Redundancy is essential, as well, for fully secured and current backups. 

    Isolate systems and users by deploying control points such as access lists, firewalls, VLANs and the like. Network access controls enable strict access limitations between and among users, connected devices and sensitive data resources. Limiting user access through active directory services is not enough, and can be easily circumvented by hackers.   
     
  • Step 3: Outsource the specialized tools and personnel dedicated to network security. The cyber-criminals are getting more sophisticated. They collaborate on the dark web, sharing and selling the latest tools for bypassing the latest security protocols and software. Because they are overwhelmingly motivated by quick money, they will move on to another target when encountering network defenses that represent a time-consuming and risky challenge.

    For this reason, I always recommend leveraging professionals. Companies with the securest networks often hire specialists; some of these will literally probe every inch of your system. Penetration testers, for example, will do everything they can to break into your network. They don't just dabble in email bait or on the fringes of your segmented systems. They hit your defenses full bore to see if or how they can infiltrate your servers.

    Another way to leverage professionals is to outsource perimeter defense to a managed security provider. Doing so is far safer and more affordable than acquiring the personnel and software for the same level of service in-house. With managed security services, companies can receive a network-based and unified threat-management platform. All of the systems associated with a client's geographic locations flow through a single hosted security platform. So, instead of trying to plug all the holes that emerge across multiple sites, traffic is funneled to a central point in the cloud that is heavily fortified, updated constantly and monitored round-the-clock.     

Companies like XO provide these services, many with partners trusted by organizations running some of the world's most mission-critical networks. In XO's case, we partner with BAE systems and Fortinet to provide a full suite of unified threat-management features, with intrusion detection and prevention at the fore. Our security event and incident management correlates some 500 million events daily with information from more than 60 threat feeds scanning the cyber-security landscape worldwide.

Businesses need advanced protection to fend off hacker threats that can take them offline for days, or weeks. Some companies never recover from a well targeted cyber-attack. Today, there are powerful tools that can be efficiently and economically deployed to keep businesses humming even against the worst cyber-assaults. 
 

1CNBC, "An inside look at what's driving the hacking economy," Harriet Taylor, February 5, 2016.

Stay Connected

Enter your email address below to receive updates each time we publish new content.