Sony is only the most recent of the major corporations with dedicated security teams to get hacked. Bottom line, nobody is immune to emerging threats.
2014 has earned itself the dubious distinction of becoming “Year of the Data Breach”. It’s not as if there weren’t breaches in 2013 (or any other year, for that matter), but this was the year that the issue hit home with millions of consumer records compromised at major retailers. The news of the Target breach broke just before the new year, Neiman Marcus came shortly thereafter, and the bad news seemingly hasn’t stopped.
It appears the year is ending with a bang, this time with Sony Pictures in the news over a breach that has been both embarrassing and costly for the media giant. The hacking group “Guardians of Peace” claimed responsibility for the attack and is threatening to release additional data (beyond the emails, celebrity social security numbers, movie scripts, and more that it has already published) in the coming weeks.
This isn’t really about Sony, or Target, or Home Depot, or Marshalls (the list, unfortunately, goes on). Rather, the more concerning story is that all of these large companies had dedicated security staff. Hackers are bold and incredibly sophisticated, allowing them to successfully attack a variety of companies with employees devoted to data security. What about the vast numbers of organizations that don’t have the resources to employ a CSO or commit IT staff to cybersecurity? Reporters at CNN put it very well, paraphrasing a warning from Richard Danzig, vice chair of the RAND Corporation: “Getting an employee's username and password through a simple phishing email could be enough to bring down a company.” Richard Henderson, Security Strategist with Fortinet’s FortiGuard Labs, had this to say about attacks such as this:
"It’s clear companies just aren’t getting the message about how easy it can be for an attacker to gain an initial foothold into a network by compromising the human element of the IT equation. Targeted spear-phishing campaigns continue to bear very ripe fruit for criminals. Organizations need to deal with this in two ways - one, education of users on a regular basis, including unannounced random tests, will help prevent a targeted email attack. Secondly, IT staff need to put as many barriers in place using all the tools available to them to not only detect a breach faster, but to properly segment sensitive data warehouses from access by employees."
FortiGuard Labs, Fortinet’s threat research division, recently released their 2015 Threat Predictions, leaving little doubt that organizations of all sizes will need to be increasingly vigilant if 2015 is to be anything other than “Year of the Bigger Data Breach”. The group highlighted so-called blastware, a new trend designed to destroy systems, wreaking havoc on its own while simultaneously covering hackers’ tracks, as well as increasing efforts to evade detection and law enforcement.
At the same time, FortiGuard Labs predicts that the rise of the Internet of Things (IoT) will provide new vectors and targets for hackers as less traditional endpoints are increasingly connected and feeding data into critical systems. We will see denial of service attacks extend to factories, assembly lines, industrial control systems and more. While the retail sector was especially hard hit in 2014, healthcare systems and devices, manufacturers, and others will begin feeling the effects of sophisticated cybercrime. And as quickly as researchers build threat intelligence, we can expect cybercriminals to implement their own counter threat intelligence. As the report explained,
"For example, current crime services scan malware against vendors’ capabilities to stop it, and give them a score result. As vendors expand from malware detection to threat intelligence correlation, criminals will work to counter this movement with the same type of approaches to find out if their botnet infrastructure is flagged in other intelligence systems as well, and work to hide their tracks."
This type of development within the black hat hacker community will make it easier for criminals to widely deploy malware, build smarter botnets, and penetrate deeper. They will be able to cast wider nets, attacking both high-payoff targets and smaller targets (or related groups of targets). According to Derek Manky, Fortinet Global Security Strategist,
“As threats continue to evolve, organizations are at even greater risk. It is imperative they choose not just a security solution, but a proactive and intelligent solution, to protect them from the breadth and depth of growing attacks that firewall solutions alone will not stop.”
This hardly means, though, that 2015 should be the “Year of Despair”. New hardware and software solutions, both in the cloud and on-premises, can provide advanced levels of threat detection and prevention, ranging from sandboxing to observe the run-time behavior of potential malware to virtual appliances to protect cloud infrastructure. Even small businesses can benefit from these new solutions with cost-effective deployments as hackers expand their repertoires while large enterprises secure their investments in big data, the cloud, and the Internet of Things...or, as we call it around here, the Internet of Threats.