The Facebook is one of the most popular social networking sites. It effects in 2004…
State of Security: Kaspersky, WatchGuard, BullGuard and more on the latest security threats
As more and more devices become connected to the internet, each year we hear about new way criminals are threatening our cybersecurity.
Cybersecurity is possibly one of the most constantly changing landscapes in the tech industry. Those who have taken it upon themselves to offer products and services to keep our information and data safe are tasked with the job of not only keeping up with the latest industry trends and consumer and business demands, but ensuring they stay one step ahead of the hackers and cybercriminals looking for a way in to your devices, bank accounts, and homes.
As electronic devices continue to sell and more people look towards technology to help them keep their lives – and personal data – in order, the threat of cybercrime shows no sign of slowing down.
Each year the industry and the public hear about new and emerging threats to our cybersecurity, and 2018 has been no different, with everything from malicious crypto-currency mining to Zero Day malware stealing the security headlines.
“It is the same concept when it comes to how we use our devices online. There are ways to defend against such social engineering strategies, which are relatively simple. If consumers utilize password managers and don’t click on random links in messages, the success rates of these attacks would be minimized.”
Looking at the issues IT admins are faced with, Paul Lipman, CEO of BullGuard, believes that it’s not just one thing, but rather a series of security threats. “Becoming the target of a cybercrime syndicate will keep many people awake at night. These days many malicious hacking attacks are the result of organized professionals. Traditional organized crime groups that used to run drugs, gambling and extortion have now developed structured cyber organizations with the sole intention of stealing as much as possible,” says Lipman.
“Another concern is sophisticated malware programs that not only infect the end-user but also break into websites and modify them to help infect more victims. These all-in-one malware programs often come with management consoles so that their owners and creators can keep track of what the botnet is doing, who they are infecting, and which ones are most successful.”
Lipman also cites the theft of intellectual property and corporate espionage as high on the list. “Many times a web server or its application software isn’t hacked; rather it’s a link or online advertisement that a user clicks on enabling attackers to exploit weaknesses in a website that allows them to bypass admin authentication,” he explains. “Common website vulnerabilities such as poor passwords, cross-site scripting vulnerabilities, SQL injection, vulnerable software and insecure permissions have been around a while, yet they are still a problem today.”
There’s no doubt there is a lot for both consumers and businesses to take on board when it comes to protecting their data. But as more people purchase software online, is it becoming harder for retailers to take full advantage of the increase in cybercrime?
“Not for the consumer market,” says BullGuard’s Lipman. “There’s a growing awareness among consumers about the dangers of going online unprotected. The media regularly carries stories about hacks and real-world consequences, such as the impact of hacking on identity theft victims, so the need for online security is constantly being hammered home. That said, there is still an attitude of “it will never happen to me”, when most often, it does.
“From a reseller’s perspective, it’s important to keep abreast of the ever-changing threat landscape and offer security software that is constantly being enhanced and improved to deal with and get ahead of new and emerging threats.”
WatchGuard Technologies’ Whitley adds: “With the increased complexity of malware, it is becoming increasingly daunting for end-user customers to effectively manage and implement the solutions they need. Consequently, end-users are turning to MSSPs to manage their security as an alternative to buying solutions off the shelf. To cater for this, WatchGuard has developed sales programmes and technology that allows MSSP partners to manage and bill their customers flexible.”
The future of security
Looking ahead, what can we expect to see emerge in the security landscape over the next five years?
Keith Casey, the API product solver at Okta, believes API (application programming interfaces) security will be one of the biggest trends in the years ahead.
“API security needs to be an increased focus for both security and engineering teams. Privacy and security issues stemming from API development have continued to rise over the last year, so much so that according to Gartner, by 2022 the largest source of data breaches will arise from this,” says Casey.
“Whether it’s launching a mobile app or working on partner integrations, APIs are the glue that helps secure the connections between different applications. However, the growth of APIs needs to be matched with the mindset of securing them.
“Security problems often stem from the fact that software developers don’t always consider the varying levels of access when working with APIs. If you visualize a hotel, you want to make sure only the right people (or in this case, apps) have the correct keys to the correct rooms and nothing more.”
On the consumer side of things, Whitley believes IoT devices will be targeted over the next five years: “The increase in new attack vectors is likely to be significant and the growth of unsecured IoT is going to open new markets and a requirement to secure devices that most people never perceived as being threats. For those offering solutions, it will increase the need for products that can be remotely managed with zero-touch deployment.”
Lipman agrees, pointing out that with the explosion of IoT devices connecting to the internet, we’re seeing an expansion of attack vectors and an increase in vulnerabilities.
“This will not only increase the risk of attacks but potentially also the severity of the attacks as they connect to the physical world,” he says. “This risk is compounded by the nature of businesses adopting IoT technology. We will also see a range of new or traditional businesses entering the digital world, some of which might lack the experience, awareness, and skills to effectively secure their devices.
How to secure your connection
Kaspersky Security Cloud is a feature-filled package to protect your family’s devices.
As well as providing protection against malware, viruses and other security issues, it offers the facility to create and store strong passwords, a suite of features aimed at protecting children online, and privacy protection. This includes allowing the setting up of a temporary virtual private network (VPN) to encrypt all internet data sent and received on the device when it is switched on. The idea behind it is to offer ‘follow me security’ – to protect your family wherever they are, on whatever device they are using to access the internet.