04:08 PM
Joseph Carson
News Analysis-Security Now

Deciphering the Threat Landscape

Why do we continue to see so many cyberbreaches? If we look at why many of the breaches in the past year have occurred, it comes down to three major factors.

With more than 3.5 billion Internet users worldwide, there are millions of opportunities for hackers to exploit. If we look at all the cyberbreach reports in the past year (and even in the last few months), we can clearly see that it has been a busy time for cyber criminals. Public reports describe more than 500 data breaches and more than 3 billion records stolen in 2016 alone.


So why do we continue to see so many cyberbreaches? If we look at why many of the breaches in the past year have occurred, it comes down to three major factors:

  • Human factor
  • Identities and credentials
  • Vulnerabilities

Every day, billions of people power up their devices and connect to the Internet to access online services so they can get the latest news, shop for the best deals, chat and connect with friends, stream music and videos, get advice for health, share their thoughts and access financial information. As more and more people and businesses use online services, they quickly become a target of cyber criminals and hackers. It is critically important to know how cyber criminals target their victims and what you can do to reduce the risk and make it more challenging for the attackers who steal your information, your identity or your money.

Cyberdefense is like a game of Space Invaders with cyberattacks coming from all around the world, attacking your perimeter and devices looking for the opportunity to gain access to your sensitive information. While all of this is happening, you are not able to fight back. You hope that the basic security controls you have are going to stop them all and sometimes it is only a password that is the difference between security and becoming a victim.

Email and social media continue to be the primary weapons of cyber criminals, who use cunning techniques built on trust and offers of help to lure unknowing victims into simply giving up their secrets. Recent quizzes making the rounds on social media ask about things like your first five cars, the top five concerts you went to and cities around the world you have visited, all of which are common security questions used when resetting passwords. So, think twice about participating in social quizzes, as it might be a cyber criminal simply getting you to share information that will unlock your security.

Be very careful about all those emails you get. While they all look authentic and valid, containing real information about you and suggesting that you want to cancel an order, pay a speeding ticket, get tax returns easily or open an attachment, all of these could simply mean you are one click away from getting infected with ransomware or giving access to your devices to a cyber criminal who can then watch you via your camera and listen to your conversations. It is critically important to check every hyperlink to see where it is taking you. If you suspect something, simply do not click on it.

If you do become a victim of ransomware you literally have three options: you restore from a backup, you pay the ransom (with no guarantees) or you say goodbye to your files. This is why it is of the utmost importance that you back up your files onto external hard drives and make sure it is possible to easily restore them.

In this connected world with ever increasing cyberthreats, it is important that you use intelligence and smart steps to avoid becoming the next victim. Here are some smart steps you and your employees can take now.

  1. Limit personally identifiable information on social media.
  2. Do not use social logins and limit the use of application passwords.
  3. Limit what you do over public WiFi.
  4. Use a Virtual Private Network (VPN) to keep your Internet access private.
  5. Back up critical and sensitive data online and offline.
  6. Use password managers and protect privileged accounts.
  7. Keep systems patched and up to date.
  8. Before "clicking," stop, think and check if it is expected, valid and trusted.

— Joseph Carson is Chief Security Scientist at Thycotic and a Certified Information Systems Security Professional (CISSP).
