Every organization has some type of value to attackers. There’s a monetary or intellectual gain that every organization can provide the bad guys, and that illicit gain can be extracted from any organization whether it’s client data, employee data, trade secrets, or whatever information your organization values. Every organization has become a data organization, whether that’s how your industry started or where you want to be. There’s so much data and so much value in that data.
Even if you can honestly say that the data you have has absolutely no value to attackers, the real question isn’t, “Does your data have value to the adversaries?” it’s, “Does your data have value to you?” If the adversaries take your data away from you, what’s the impact on your organization (even if it has no value to them)?
Since every organization has something valuable it must protect, the reality is that every organization is a potential target for extortion-related attacks. Extortion-related attacks have changed the paradigm for how attacks work, what they are targeting, what the adversary is doing, and what their goals are. One of the things that’s important to understand is that the adversaries are going to be opportunistic; they’re going to take the path in front of them. (Minimize organizational risk with our holistic security solutions)
Adversaries do their own research and development to be more efficient at their job. One of the key changes in attacks we’ve seen recently is how much attackers are increasingly leveraging automation. It allows them to expend little effort to attack large numbers of environments. And that has completely disrupted the common mentality of just being slightly more secure than your neighbor.
To explain, you may have heard someone say their goal is to make sure their house is a little more secure than their neighbor’s so burglars will bypass their home and attack their neighbor who may not have the same level of security. That mentality from a cybersecurity perspective of being slightly ahead of the lowest hanging fruit doesn’t work because automation requires little work to hit many organizations. Automation doesn’t care about the value of your data, and it doesn’t care about your security posture compared to somebody else. Therefore, everyone is a target. If you’re on the Internet, you’re part of the collective target.
Attack Methodologies
Email-based attacks are still by far the number one method of malicious activities because email addresses are readily available. They’re on our websites and on our business cards. We sign up for various mailing lists. You can search for most people’s name and organization and find an email address. And with email addresses being so readily available, it means you can attack many organizations at once. With automation, adversaries can quickly collect huge databases of email addresses and target tens of thousands of organizations with a single click of a button. You’re just as likely to be receiving these emails as a bank or government organization. And that makes you just as much of a target as anyone else.
Survival Time
The survival time metric is applied to different types of systems, so you have a different number for a Windows Server versus a Linux server versus an Apple product. There’s a running number of how long an unpatched system that’s connected directly to the Internet can survive before it’s compromised. As you look at this metric over time, you can see the ebb and flow as vulnerabilities are exposed and patches come out.
The reality is that unpatched systems connected to the Internet are automatically compromised within minutes of being connected. There have been times when the survival time is in the low double-digit seconds where the moment that system shows up online, it’s immediately attacked. That’s because adversaries are constantly scanning the Internet and automatically attacking various targets.
Everyone’s a Target Now
Nobody is personally reviewing your organization and deciding it has enough value to target. You can be automatically attacked just by connecting a system to the Internet. Everyone’s a target now. Since you’re a target, it’s time to identify what your critical assets are so you can protect them. Those assets include your data and the systems you rely on to run your business. You must ensure those are protected and backed up.
To learn more about how you can secure your organization, contact us today.
