Cyber attack vectors: End-points are the in-points for malware

June 18, 2019

Posted by: Anasia D'mello

Mike Hamilton of Ziften

Insurance company Hiscox has estimated that small businesses in the UK are the target of an average of 65,000 attempted cyber attacks per day – a figure that ranged between 900 and 359,000 per 24 hours over a three-week survey period. While most of these attacks are successfully repelled, says Mike Hamilton, CEO of Ziften, around three small businesses are hacked every minute.

Today’s enterprises face a surge in the diversity and number of endpoints to be secured. Any one of them could become an entry point for attacking the whole of the network. Not only is there a diversity of endpoints, but each is likely to be subscribed to a different choice of security services and antivirus packages. It is a sure recipe for that most insidious threat: security fatigue.

With the rise of cloud computing, everything is now an endpoint. Even fixed PCs and virtualised servers in the data centre are at risk of cyber attack – and the entire organisation has no clear inside or outside anymore.

What are the latest attack vectors? 

The most threatening attacks to endpoints in 2019 are fileless malware and ransomware, delivered through various schemes by cyber attackers.

Fighting back means scaling security with the cloud

There is a clear need for a fully automated response, informed by sophisticated machine learning: not only to anticipate, recognise and disable each novel attack, but especially to avoid wasting time and resources with false alarms.

The strength of yesterday’s citadel was in its unity: one network, one periphery. That cannot be recreated, and yet a higher-level unity can be achieved by deploying one universal Endpoint Protection Platform: a single agent enforcing appropriate security for every endpoint according to agreed policies. This must be cloud delivered, to ensure real-time updating and responsiveness to threats constantly evolving and changing by the minute.

Only a cloud service with access to cloud-scale processing resources could ensure the necessary intelligence to recognise new patterns and identify multiple attack vectors.

Another criterion is that the endpoint protection platform, while unified, should be compatible with other forms of protection. Different users may have their own preferred anti-virus or intruder prevention solutions installed for particular reasons, and they may even be diligent in keeping them updated.

A measure of diversity is no problem, as long as there is one underlying security platform in place, holding the whole together. The very idea of being “proactive” in these circumstances might seem laughable: except that a cloud delivered endpoint protection platform backed by cloud-scale AI makes it not just possible but highly practical. “Autoproactive” security is available now.

This is the current state of endpoint protection: endpoint protection across a whole organisation with the ease of a cloud-delivered service that stays online and operates in real time supported by the most powerful machine intelligence available.

Thousands of attacks per day can be reduced to near silence. The network operator has at last got time to think, to plan, to strategise. No longer purely on the defensive, it is now possible to be creative, to explore possibilities, harden weak points, restore confidence and shape a better future.

The author is Mike Hamilton, CEO of Ziften.