Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

Imminent threats

 

GUEST ESSAY: Here’s how and why ‘trust’ presents an existential threat to cybersecurity

By Mark Guntrip

Over the years, bad actors have started getting more creative with their methods of attack – from pretending to be a family member or co-worker to offering fortunes and free cruises.

Related: Deploying employees as human sensors

Recent research from our team revealed that while consumers are being exposed to these kinds of attacks (31 percent of respondents reported they received these types of messages multiple times a day), they continue to disregard cyber safety guidelines.

This neglect is not only a threat to personal data, but also a threat to corporate security. As we continue to live a majority of our lives online, there are many ways that both consumers and enterprises can better protect themselves against hackers.

According to our survey, the majority of consumers (77 percent) are confident they can identify, and report suspected malicious cyber activity despite general apathy toward proactively securing their devices and personal data.

Confidence gap

This overconfidence is cause for concern for many cybersecurity professionals as humans are the number one reason for breaches (how many of your passwords are qwerty or 1234five?). When it comes to protecting themselves and their devices, few are practicing the basics:

•Only 21 percent use email security software

•Only 33 percent consistently use two-factor authentication (2FA)

SHARED INTEL: A breakout of how Google, Facebook, Instagram enable third-party snooping

By Federico Morelli

More and more consumers are using apps every year. In fact, Google Play users downloaded 111.3 billion apps in 2021 alone, up more than 47 percent since 2018.

Related: Microsoft CEO calls for regulating facial recognition.

This increased demand for apps also raises the need for improved data protection measures, which Google took steps to address with the new data safety section they launched in July 2022.

This data safety section aims to help users understand how apps handle their data (especially when it comes to collection and sharing) and make more informed decisions about which apps to download.

To provide even further insight into the data safety and privacy practices of app developers, researchers at Incogni conducted a study of the top 500 paid and top 500 free Google Play Store apps. The results shed light on how much data apps really share, which apps pose the biggest risks to data privacy, and how transparent developers are about their practices.

Rampant ‘sharing’

The study revealed that more than half (55.2 percent) of the apps share user data with third parties.

GUEST ESSAY: Why Microsoft Exchange users ‘must have’ robust data recovery policies, practices

By Bharat Bhushan

Cloud hosted email services have come into wide use as the go-to communication and collaboration work tools for businesses far and wide.

Related: Weaponized email endures as top threat

Digital native companies start from day one relying entirely on Microsoft Office 365 or Google’s G Suite and most established companies are in some stage of migrating to, or adjusting for, Office 365 or G Suite.

That said, Microsoft Exchange on-premises email servers – technology that once, not too long ago, dominated this space – remain in pervasive business use today.

In 2021, on-premises Microsoft Exchange Server mailboxes commanded a 43 percent global market share as compared to 57 percent for cloud Exchange mailboxes, according to this report from Statista. Some 11,800 computer software companies, 10,000 IT services vendors, 5,500 health care organizations and 3,200 financial services firms continue to maintain on-premises Exchange email servers, according to this report from Enlyft

What’s more, many of the organizations migrating to cloud IT infrastructure services are patching together hybrid email systems, part on-premises and part cloud-hosted.

SHARED INTEL: Log4j vulnerability presents a gaping attack vector companies must heed in 2022

By Byron V. Acohido

As we close out 2021, a gargantuan open-source vulnerability has reared its ugly head.

Related: The case for ‘SBOM’

This flaw in the Apache Log4J logging library is already being aggressively probed and exploited by threat actors — and it is sure to become a major headache for security teams in 2022.

“This vulnerability is so dangerous because of its massive scale. Java is used on over 3 billion devices, and a large number of those use Log4j,” says Forrester cybersecurity analyst Allie Mellen, adding that crypto miners and botnet operators are already making hay.

“We can expect more devastating attacks, like ransomware, leveraging this vulnerability in the future,” Mellen adds. “This vulnerability will be used for months if not years to attack enterprises, which is why security teams must strike while the iron is hot.”

This Log4j vulnerability was disclosed to Apache on Nov. 24 by the Alibaba Cloud Security team. Then on Dec. 9, the vulnerability, formally designated CVE-2021-44228, was disclosed on Twitter; meanwhile a  proof-of-concept exploit got posted on GitHub.

This flaw in an open-source web server software used far and wide  puts open-source risks in the spotlight – yet again. Companies will have to deal with Log4J in much the same manner as they were compelled to react to the open source flaws Heartbleed and Shellshock in 2014.

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

By Nitin Chopra

Mental health at work is undergoing a rapid transformation. Even before the COVID-19 pandemic, which has caused an increase in feelings of loneliness and isolation, workers’ mental health was under pressure.

Related: Capital One hacker demonstrated ‘erratic behavior’

According to a recent workforce health survey, 40% of workers experienced mental health issues this past year, double the year before. We are in the midst of a workplace mental health crisis that’s affecting individual employees and entire companies.

While it’s obvious people are not getting the mental health care they need and deserve, and we must do better as a nation, there is an overlooked aspect of this crisis affecting businesses.

The vulnerabilities and challenges associated with declining worker mental health is causing cybersecurity risks to increase, especially from insider threats.

Mental health cyber risks

Many organizations categorize employee mental health and a human resources concern, yet mounting evidence proves that the effects of mental health go much deeper. Declining workplace mental health is affecting cybersecurity in various ways. When an employee is struggling, they may reach a tipping point and become an insider threat. According to Verizon, 22 percent of all security incidents involve insiders.

MY TAKE: For better or worse, machine-to-machine code connections now form much of the castle wall

By Byron V. Acohido

Managing permissions is proving to be a huge security blind spot for many companies.

Related: President Biden’s cybersecurity order sets the stage

What’s happening is that businesses are scaling up their adoption of multi-cloud and hybrid-cloud infrastructures. And in doing so, they’re embracing agile software deployments, which requires authentication and access privileges to be dispensed, on the fly, for each human-to-machine and machine-to-machine coding connection.

This frenetic activity brings us cool new digital services, alright. But the flip side is that companies have conceded to a dramatic expansion of their cloud attack surface – and left it wide open to threat actors.

“The explosion in the number of human and non-human identities in the public cloud has become a security risk that businesses simply can’t ignore,” observes Eric Kedrosky, CISO at Sonrai Security.

I’ve had a couple of deep discussions with Kedrosky about this. Based in New York City, Sonrai is a leading innovator in a nascent security discipline, referred to as Cloud Infrastructure Entitlement Management (CIEM,)

GUEST ESSAY: Here’s what every business should know — and do — about CaaS: crime-as-a-service

By Jack Chapman

It doesn’t matter if you want to learn a new language or figure out how to fix your broken clothes dryer; the tools, tutorials, and templates you need are available online.

Related: Enlisting ‘human sensors’

Unfortunately, with crime-as-a-service, the same is true for people interested in trying their hand at cybercrime. The dark web provides virtually everything potential attackers need to make their move.

Let’s look closely at precisely what crime-as-a-service (CaaS) is, why it’s so dangerous, and how your business can defend itself.

CaaS variants

Experts define  CaaS as what happens when sophisticated hackers and criminals work together to create technology, toolkits, and methodologies geared toward carrying out cyberattacks. CaaS is happening with increasing regularity. For example, an Illinois man recently faced conviction for running a website that allowed users to buy subscriptions to launch distributed denial of service (DDoS) attacks against computer networks.