Cybersecurity threats now: 6 eye openers from Black Hat every IT leader should know
Security is a rapidly changing game. I just got back from Black Hat 2021, the leading event for the infosec community, and here are the six things I think every IT professional should know as they work to strengthen their security posture.
Lesson 1: Here’s where security protection is absent or impossible
Zero Trust serves as a superior framework for security defense, as it’s often used to refocus perimeter-based strategies around user access, identities, and devices regardless of their location. However, Zero Trust isn’t always possible, especially when it comes to mobile phones and other uncontrolled hardware. Why? The root issue is supply chain or hardware-based attacks.
In fact, the security onus is often on the platform vendors — such as phone and device manufacturers like Samsung®, LG®, Apple®, and the like — who must defend their hardware, microchips, and operating systems. And yet, that defense job is considered nearly impossible today. This is because no security technology exists that can effectively protect these companies and their products from supply chain or source-code-based attacks against the software or hardware supplier themselves.
No security technology can effectively protect against supply chain attacks. Therefore, Zero Trust isn’t always possible when it comes to mobile phones and uncontrolled hardware.
We have already witnessed terrible impacts in 2021, such as with the SolarWinds supply chain attack and the more recent Kaseya MSSP attack. With the exploitation of widely used software in both the public and private sectors all over the world, using the word vast to describe the circle of influence these attacks can have is a grave understatement.
Threats can come from both external attack vectors and internally from malicious insiders working from behind “trusted accounts.” SolarWinds showed security professionals everywhere that even with a perfectly constructed Zero Trust framework in place, this attack vector could not have been prevented. Anyone relying on third-party platforms to access resources will always be at the mercy of the manufacturer to provide some level of trusted access security.
Lesson 2: Zero-day exploits have doubled — hackers are already inside
Known vulnerabilities are easy to manage, because they have been identified and can be patched quickly. However, zero-day vulnerabilities are those that are unknown and unpatched. When discovered, it often means that hackers have already exploited the opportunity; bad actors are already inside your systems. This explains why zero-day vulnerabilities have become a primary attack vector.
In 2021, the number of zero-days exploited in attacks more than doubled compared to 2020, as reported by the COO of Corellium, Matt Tait, during his keynote speech at Black Hat. “Offense has taken the gloves off,” he said. “Zero-days are fueling an out-of-control supply chain attack problem.” So, what can you do? Partners and their technologies and managed security services are the ONLY solution to this problem.
Lesson 3: Evading detection is commonplace — protecting Office 365 is key
During one Black Hat session, security firm Mandiant called Microsoft® Office 365 the “Holy Grail” of attack vectors for motivated threat actors. Their presentation, titled “Cloudy with a Chance of APT,” offered a technical overview of various Advanced Persistent Threats (APTs) that were used against this widely adopted cloud-based service, which has become a favorite target for bad actors looking to gain a foothold into corporate assets.
It’s easy for them to get into O365, because those environments are so often poorly administered. Companies and IT professionals are failing to secure the authentication mechanisms governing these cloud environments, which are accessible from anywhere in the world. Even worse, evading detection is becoming commonplace, because attackers simply get access to an account and disable logging and auditing of existing security features. For a cyber criminal, this work is all too easy. In some instances, detection evasion is simple — all they do is click a checkbox to “downgrade” a single license from E5 to E3.
For a cyber criminal targeting O365, detection evasion can be as simple as a few clicks.
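A defender-side check for the two evasion moves described above, as an added example that is not from the original post or the Mandiant talk: it scans audit records for auditing being switched off and for an E5-to-E3 license change. The records are constructed, and the `OldSkus`/`NewSkus` fields and the E3/E5 tier labels are simplifying assumptions to be mapped from whatever your audit export actually contains.

```python
import json

# Exchange Online cmdlets and the parameter value that turns auditing off.
AUDIT_OFF = {
    "Set-AdminAuditLogConfig": ("UnifiedAuditLogIngestionEnabled", "false"),
    "Set-Mailbox": ("AuditEnabled", "false"),
    "Set-MailboxAuditBypassAssociation": ("AuditBypassEnabled", "true"),
}
TIER = {"E3": 3, "E5": 5}  # assumed labels; a real export carries SKU names

# Constructed sample records (one JSON object per line), not real tenant data.
SAMPLE = """
{"CreationTime":"2021-08-10T09:12:00","UserId":"admin@example.test","Operation":"Set-AdminAuditLogConfig","Parameters":[{"Name":"UnifiedAuditLogIngestionEnabled","Value":"False"}]}
{"CreationTime":"2021-08-10T09:13:00","UserId":"admin@example.test","Operation":"Set-Mailbox","Parameters":[{"Name":"AuditEnabled","Value":"True"}]}
{"CreationTime":"2021-08-10T09:15:00","UserId":"admin@example.test","Operation":"Change user license.","ObjectId":"user1@example.test","OldSkus":["E5"],"NewSkus":["E3"]}
{"CreationTime":"2021-08-10T10:01:00","UserId":"helpdesk@example.test","Operation":"Change user license.","ObjectId":"user2@example.test","OldSkus":["E3"],"NewSkus":["E5"]}
{"CreationTime":"2021-08-10T10:05:00","UserId":"helpdesk@example.test","Operation":"Set-MailboxAuditBypassAssociation","Parameters":[{"Name":"AuditBypassEnabled","Value":"True"}]}
"""

def audit_disabled(rec):
    """Return a message if this record switches an audit control off."""
    want = AUDIT_OFF.get(rec.get("Operation"))
    for p in rec.get("Parameters", []) if want else []:
        if p.get("Name") == want[0] and str(p.get("Value")).lower() == want[1]:
            return f"auditing disabled: {rec['Operation']} {want[0]}={p['Value']}"
    return None

def license_downgraded(rec):
    """Return a message if the highest license tier dropped (OldSkus/NewSkus assumed)."""
    if rec.get("Operation") != "Change user license.":
        return None
    old = max((TIER.get(s, 0) for s in rec.get("OldSkus", [])), default=0)
    new = max((TIER.get(s, 0) for s in rec.get("NewSkus", [])), default=0)
    if new < old:
        return f"license tier lowered for {rec.get('ObjectId')}: {old} -> {new}"
    return None

def findings(text):
    """Scan JSON-lines audit records; skip blank or unparseable lines."""
    out = []
    for line in text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue
        for check in (audit_disabled, license_downgraded):
            msg = check(rec)
            if msg:
                out.append((rec.get("CreationTime"), rec.get("UserId"), msg))
    return out
```

Alerts like these are only useful if the records are shipped off-tenant before an attacker can turn the source off, so forward them to a store the tenant's administrators cannot modify.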
Lesson 4: These two technologies are making attacks more automated than ever
With the advent of AI-powered language prediction and word generation technologies, including GPT-3 (2020) and the upcoming GPT-4, automating cyber attacks will be easier than ever before. While these OpenAI tools make typing text easy for users everywhere, they also start to accelerate capabilities for bad actors, helping them expand and further automate already efficient attack methodologies. In one Black Hat session, researchers demonstrated the weaponization of these deep neural networks, showing how they can be used to automate a social media disinformation campaign and shape public opinion.
In fact, deep fake audio recordings and video footage are also powering cyber attacks. The creation of fictitious phone calls and fabricated videos has evolved at such a rapid rate over the past few years that the resources required to generate very convincing material are now attainable by hacktivists and cyber crime syndicates. This technology has huge potential in security attacks — it could likely become a dominant attack vector in the near future. Creating attacks could be as simple as targeting employees with fake voicemail messages from their bosses, telling them to do things that aid the attacker. Undoubtedly, these tools can be used to fool insiders into becoming a threat to their own organization.
Lesson 5: Ransomware is here forever and cryptocurrency is making it worse
Today is just the beginning of the ransomware problem. The most popular operating systems are riddled with vulnerabilities that are at the heart of ransomware attacks. As long as software has new versions, there will always be vulnerabilities and ransomware attacks.
With the advent of cryptocurrency, the ease and total rewards for ransomware are far greater than any of the risks attackers face in engaging in these criminal practices. One reason: cryptocurrency allows for some level of anonymity. Pay a ransomware attacker in standard American dollars and it’s easier to follow the money trail, finding who is behind the crime. Additionally, many of these attackers operate in regions where American laws have no jurisdiction. Cryptocurrency and ransomware are such problems now that even the FBI has issued their first-ever alert about it.
Lesson 6: Social engineering is still the #1 attack vector and bad actors are getting brazen!
Social engineering is still the preferred method of attack. Out-of-band communications coming from untrusted sources outside the organization are the low-hanging fruit for attackers targeting companies via personal phone calls, personal emails, social media messages, even SMS text messages. These are popular tactics, because they are successful in turning unwitting users into insider threats acting against their own organization.
And to make matters worse, cyber criminals are trying every possible angle. With today’s trends in job changes and employee resignations, bad actors are seeking out disgruntled employees who are willing to infest company systems with malware, as was the case with a recent attack on Tesla. This mass solicitation is a new twist on the old concept of getting assistance from insiders. Likewise, COVID-19 news and headlines of the day offer entry points for attackers, and moving forward each new upcoming trend will provide more angles to play, resulting in more creative marketing “bait.”
The big takeaway: Awareness must be two-fold
With the rapidly evolving threat landscape, it’s important for every IT leader to understand not just the most popular attack methods today, but also where the security industry is lagging behind. IT leaders need to understand their own security strengths and weaknesses within their company, but they must also have the ability to recognize what gives bad actors the advantage and where every organization is vulnerable in ways that will always be inescapable. Like companies themselves, the security industry is still maturing and facing tough challenges to solve. When IT leaders are mindful of this, awareness is heightened, and we all know that sound security strategies start with heightened awareness.