Dark Reading is part of the Informa Tech Division of Informa PLC



Joseph Carson
News Analysis-Security Now

Deciphering the Threat Landscape

Why do we continue to see so many cyberbreaches? If we look at why many of the breaches in the past year have occurred, it comes down to three major factors.

With more than 3.5 billion Internet users worldwide, there are millions of opportunities for hackers to exploit. If we look at all the cyberbreach reports in the past year (and even in the last few months), we can clearly see that it has been a busy time for cyber criminals. Public reports describe more than 500 data breaches and more than 3 billion records stolen in 2016 alone.


So why do we continue to see so many cyberbreaches? If we look at why many of the breaches in the past year have occurred, it comes down to three major factors:

  • Human factor
  • Identities and credentials
  • Vulnerabilities

Every day, billions of people power up their devices and connect to the Internet to access online services so they can get the latest news, shop for the best deals, chat and connect with friends, stream music and videos, get advice for health, share their thoughts and access financial information. As more and more people and businesses use online services, they quickly become a target of cyber criminals and hackers. It is critically important to know how cyber criminals target their victims and what you can do to reduce the risk and make it more challenging for attackers to steal your information, your identity or your money.

Cyberdefense is like a game of Space Invaders, with cyberattacks coming from all around the world, attacking your perimeter and devices and looking for the opportunity to gain access to your sensitive information. While all of this is happening, you are not able to fight back. You hope that the basic security controls you have are going to stop them all, and sometimes it is only a password that is the difference between security and becoming a victim.

Email and social media continue to be the primary weapons of cyber criminals, who use cunning techniques that play on trust and helpfulness to lure unknowing victims into simply giving up their secrets. Recent quizzes making the rounds on social media ask for things like your first five cars, the top five concerts you went to and cities around the world you have visited. These are all common security questions used when resetting passwords. So, think twice about participating in social quizzes, as it might be a cyber criminal simply getting you to share information that will unlock your security.

Be very careful about all those emails you get. They may all look authentic and valid, containing real information about you and suggesting that you want to cancel an order, pay a speeding ticket, get tax returns easily or open an attachment. Any of them could mean you are one click away from getting infected with ransomware or giving access to your devices to a cyber criminal who can then watch you via your camera and listen to your conversations. It is critically important to check every hyperlink to see where it is taking you. If you suspect something, simply do not click on it.

If you do become a victim of ransomware you literally have three options: you restore from a backup, you pay the ransom (with no guarantees) or you say goodbye to your files. This is why it is of the utmost importance that you back up your files onto external hard drives and make sure it is possible to easily restore them.

In this connected world with ever increasing cyberthreats, it is important that you use intelligence and smart steps to avoid becoming the next victim. Here are some smart steps you and your employees can take now.

  1. Limit personally identifiable information on social media.
  2. Do not use social logins and limit the use of application passwords.
  3. Limit what you do over public WiFi.
  4. Use a Virtual Private Network (VPN) to keep your Internet access private.
  5. Back up critical and sensitive data online and offline.
  6. Use password managers and protect privileged accounts.
  7. Keep systems patched and up to date.
  8. Before "clicking," stop, think and check if it is expected, valid and trusted.

— Joseph Carson is Chief Security Scientist at Thycotic and a Certified Information Systems Security Professional (CISSP).
