Security Dealer & Integrator

JUN 2017


Issue link: http://sdi.epubxp.com/i/835749


rity, says that while many of the attack trends highlighted in this year's report are similar to what they have found in past iterations, what has changed is the frequency with which they are employed. "Four or five years ago, phishing and SQL injection were the hot topics with some of the tools reaching their maturity lifecycle. Then three or four years ago, we started moving deeper into ransomware," Kraus says.

The Rise of Business Email Compromise

Kraus says NTT has seen a sharp uptick recently in business email compromise (BEC) schemes, in which a bad actor sets up a phishing server and then sends targeted, well-crafted emails, usually spoofed to look as if they came from a C-level executive, to employees in accounting or finance roles at various organizations to trick them into sending money or sensitive data. According to the report, BEC attacks were the second most common form of phishing attack that NTT Security incident response engagement teams encountered in 2016, just behind ransomware. In some cases, Kraus says, the attackers got away with only a few thousand dollars, but in extreme cases the amount exceeded $100,000. In fact, the report indicates the average BEC incident involves a loss of about $67,000, compared to the average cost of a ransomware incident, which is only $700.

While the importance of having employees across the board take part in security awareness training is always emphasized, Kraus says a lack of training is not always to blame when it comes to these types of scams; rather, it is a lack of good old-fashioned checks and balances. "For years, we've been talking about the human as being the weak link," he says. "It is not just the end-user being the victim and the human being the weakest link; the other part of the equation most organizations are missing is that if you have processes and procedures in place to validate these requests – even if someone falls victim to it – they can thwart the attack altogether."

Ransomware Awareness Increasing

Despite some of the widely publicized ransomware incidents in recent months, Kraus believes organizations are starting to do a better job of responding to these types of attacks. Prior to the recent surge in BEC attacks, for example, Kraus says NTT Security's teams spent much of their time helping customers get out of ransomware situations. That has started to change recently.

"I think over time the security industry in general has done a little bit better job of (explaining that) there are some choices when it comes to ransomware," Kraus explains. "You can pay the bitcoin and get your data back – then you are known as somebody who pays and you might get attacked again – or, you don't pay and hopefully you can recover from backups.

"That being said, I certainly don't believe that ransomware is dead," Kraus adds, "but the attackers are now going to be in the cycle of looking for another approach – because (the first one) was fairly successful."

Trends to Watch

Moving into the rest of 2017 and beyond, Kraus believes that hackers are going to begin targeting Internet of Things (IoT) devices even more than they do today, as developers have only begun to scratch the surface of what is possible with the technology, and the number of devices being brought online grows daily. Not only will the IoT give attackers a broader base from which to work, Kraus says it can also be weaponized to carry out botnet assaults, as was the case in last year's DDoS attacks against Krebs on Security and Dyn.

"I think we are just on the cusp of getting deeper into things like drone cars and home automation," Kraus says. "When you start looking at automobile hacking, there are a lot more books available specifically about that craft on the market now, and so I anticipate a lot of folks will start to pick up on that a little bit more.

"With home automation and things like doorbells that have built-in cameras, can the bad guys use that technology to tell if someone is home? If I want to break into a house, can I tell that someone is at home by hacking into the system?"

» To read NTT Security's full report, please visit www.nttcomsecurity.com/us/gtir-2017.

Joel Griffin is the Editor of SecurityInfoWatch.com. Reach him at jgriffin@southcomm.com.

"The security industry has done a little bit better job of (explaining that) there are choices when it comes to ransomware. You can pay the bitcoin and get your data back – then you are known as somebody who pays and you might get attacked again – or, you don't pay and hopefully you can recover from backups." — Rob Kraus, NTT Security
