Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/26/2018
09:00 AM
100%
0%

7 Real-Life Dangers That Threaten Cybersecurity

Cybersecurity means more than bits and bytes; threats are out there IRL, and IT pros need to be prepared.
Previous
1 of 8
Next

Cybersecurity tends to focus on dangers that appear on networks or in messages. The attackers may be half a world away, so the threat is the only thing that matters. But what happens when the threat actor is walking through the front door or sitting next to you at an airport coffee shop? Firewall rules and DNSSec can have minimal impact on the thief sliding a company-owned laptop into his backpack and walking out the door.

"If we all took our computers, encased them in concrete, and dropped them into the middle of the Atlantic Ocean, nobody would ever steal our data, but it wouldn't matter because our data would be on the bottom of the Atlantic Ocean," says Tim Callan, senior fellow at Sectigo. The challenge, he says, is reconciling physical security with the fact that people need to use their computers and mobile devices for legitimate work.

In 2016, Bitglass reported that one in four breaches in the financial services sector were due to lost or stolen devices, while one in five were the result of hacking. Physical security might not have the glamour of fighting malware writers, but there's no question it's a serious component of any effective data protection program.

So what are the physical dangers to enterprise data? Several, but they tend to echo the dangers to any physical assets an organization owns. As a result, some IT security groups leave physical security to the physical-plant security force, but there are both strategic and technical reasons to involve IT security in protecting both the data on systems and the hardware that surrounds those precious bytes.

After talking with security professionals, querying the security community via Twitter, and looking at major security incidents from the recent past, we've put together a list of seven threats that definitely deserve attention. Protecting systems from these threats takes a combination of user education, behavior modification, and technology, but remedying the problems themselves can make a huge difference in an organization's risk profile.

(Image: Stevepb)

 

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
mattsweet
50%
50%
mattsweet,
User Rank: Strategist
11/28/2018 | 12:15:00 PM
Re: USB tracking
We track files being written and read on USB drives through an agent connected to our SIEM server (we use Solarwinds LEM, but there are others as well.) We can also monitor machines that have restricted USB access.
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
11/27/2018 | 9:53:55 AM
Re: USB tracking
Last year, my wife - daughter and 3 year old grand-daughter, Cariana, visited my office.  She had pizza in the cafeteria, met my colleagues and WHEN LEAVING ..... Cariana pulled all of our security badges, save mine, and said THESE MUST BE RETURNED.   She then walked them to the security desk to hand them in.  Staff there was delighted!!!   Lesson - A THREE YEAR OLD understood perimeter security BETTER than most employees do. 
lakers85
100%
0%
lakers85,
User Rank: Strategist
11/26/2018 | 1:14:46 PM
USB tracking
We have a domain policy that forces BitLocker to be used before saving data to any usb drive, otherwise its will be read only. I guess my questions is, how do you track or monitor usb activity on our 1500 end clients?

Thanks
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.