Simon Whitburn
Senior Vice President Cyber Security Services
Nominet runs defensive platforms for itself and other customers, so is well-placed to see threats coming from all angles. Reviewing the first six months of 2018 has identified five key threats that face CISOs right now.
1. Cryptomining isn’t going away
In fact, it’s getting worse. Kasperskey Labs recently uncovered a miner implementation that stealthily establishes itself in one system, then spreads across large corporate networks, infecting workstations and servers.
The security company dubbed the new variant PowerGhost. It uses an obfuscated PowerShell script containing the shellcode for the ExternalBlue exploit and the software for the miner program. The program uses fileless techniques (the script runs in memory) to keep itself undetected for as long as possible, unlike ransomware.
Kaspersky’s data (PDF) shows that cryptomining is overtaking ransomware and that mining software targeting mobile devices is rising fast. Have you been able to establish compulsory security software on your company’s mobile devices?
2. Neither is ransomware
Although ransomware is on the wane, it’s still around and can hit unprepared organizations hard.
LabCorp Diagnostics found that out the hard way in mid-July. An attack, which was thwarted only 50 minutes after it began, still managed to infect thousands of systems on the internal network. The ransomware is believed to be SamSam, the same malware that seriously disrupted Atlanta’s city infrastructure for over a week in March.
3. Your job is not under threat
CISOs know that not every organization has embraced the need for a security professional at the top table. However, the number of large organizations without a CISO is dropping.
CIO Magazine reported that many high-profile organizations that appointed their first CISO last year, did so after a security breach. It’s a concern but it is understandable – it’s human nature to resist spending to protect against a threat until you get hit by it. One useful nugget of information for CISOs in this article is that a study conducted by the Ponemon Institute found that the appointment of a CISO reduced the cost of a breach by $7 (£5) per record.
4. People at the top can be a weak link
Despite the demise of email having been predicted for over ten years, it’s still the de facto method of communication for many organizations. Mimecast’s “State of Email Security 2018” report (pdf) found that the C-suite and C-level executives use of email presented a high level of risk.
Of the 800 IT decision makers surveyed, nearly 40% considered their CEO was a weak link in the security chain. They were naïve about email-borne threats such as impersonation, phishing and ransomware. Even more worrying, 20% of the organizations said that in the last 12 months, C-level people had sent out sensitive data in response to phishing emails.
5. Will you be left flying solo?
Accenture’s July report “Securing the Future Enterprise Today – 2018” spoke of increasing risks to unprepared businesses, including mechanized AI attacks on organizations.
But the survey of nearly 1500 executives also revealed that not enough CISOs were getting the cooperation they needed from business leaders, particularly regarding budget. While 74% stated that cybersecurity was centralized or very centralized in their organizations, 73% felt that it needed to be decentralized – that cyber security activities need to be pervasive through all levels.
Here’s hoping for a quieter second half
Those are the top five threats that Nominet has seen during 2018 so far.
The constant game of cat and mouse between the miscreants and those responsible for cyber hygiene is bound to continue. Nominet will continue to provide the tools that give CISO’s a fighting chance of success.
