Ransomware attacks globally nearly doubled in 2021. BitSight’s Ransomware for Dummies book reveals indicators of potential attacks, and how to minimize costly damage when successful ransomware targets you.
Today’s opportunistic hackers are seasoned professionals who are getting more adept at exploiting your organization’s digital attack surface. To do this they employ a variety of attack vectors.
What is an attack vector?
An attack vector is the tactic a bad actor uses to infiltrate or breach a network or IT infrastructure. If successful, attack vectors block access to sensitive data or resources, exfiltrate data (data theft), or move laterally until the attacker reaches their intended target.
To protect your organization, it’s imperative that you identify today’s attack vectors and develop a cyber risk mitigation strategy for each.
Let’s look at seven of the most common attack vectors and ways you can avoid them.
- Denial-of-service attack
- Malicious insiders
- Stolen credentials
- Unpatched applications or servers
We are in the middle of a ransomware epidemic. According to the Verizon 2021 Data Breach Investigations Report, ransomware incidents have doubled year-over-year.
Ransomware occurs when a cyber criminal or nation state encrypts the victim’s data until a ransom is paid. Thanks to the rise of ransomware-as-a-service (RaaS) tools, these attacks require little technical knowledge and are inexpensive to execute. The gains are also high; losses from ransomware in 2020 totaled more than $29.1 million.
What can you do to prevent a ransomware attack?
Ransomware is not 100% preventable, but there are some proactive steps you can take to minimize your susceptibility, including staying informed of your organization’s risk posture. This can be achieved by proactively and continuously monitoring your network for vulnerabilities before a hacker can take advantage of them.
BitSight Security Ratings makes this process easy and scalable and is the only platform whose findings correlate with the risk of a ransomware attack. Our own research shows that organizations with a security rating lower than 600 are 6x more likely to be a victim than organizations with advanced ratings.
A phishing attack occurs when a bad actor impersonates a legitimate person or organization – typically via email – and asks the recipient to take an action that would give the phisher access to critical data or systems.
Phishers often target people with authority to approve the transfer of funds or guardians of sensitive information like HR managers.
To avoid this attack vector, educate your employees on the signs of a phishing attack. Tell them to be on the lookout for unfamiliar email aliases, grammar or spelling errors, logos that look suspicious, and calls to action that encourage password resets. Warn them against opening these messages or clicking on links. Phishing protection software can also prevent suspicious emails reaching an employee’s inbox.
3. Denial-of-service attack
A distributed denial-of-service (DDoS) attack occurs when a bad actor bombards a website with a slew of traffic requests at once. If successful, the site or server will crash for a period of time, limiting information availability.
DDoS attacks grab headlines because they are often performed to disrupt government, technology, or consumer services on a large scale.
Mitigation measures include the use of DDoS prevention services provided by hosting companies, such as AWS Shield, that automatically safeguard applications against this attack vector.
Software misconfigurations, like incorrectly configured firewalls, are commonplace and are an easy entry point for attackers. In fact, more than 78% of organizations are exposed to ransomware risk due to misconfigured systems.
Prevention strategies include continuously monitoring your organization’s security performance on-premises and in the cloud for misconfigurations. Don’t forget your vendors. Third-party monitoring can reveal these vulnerabilities in the networks of your digital supply chain.
5. Malicious insiders
Insiders continue to be a leading attack vector. Forrester predicts that 33% of cybersecurity incidents in 2021 will involve insider threats. This attack vector is particularly dangerous because employees can breach or destroy sensitive information such as intellectual property, customer and employee data, and financial assets.
To avoid these attacks, implement multi-factor authentication, limit and monitor access privileges, and monitor user behavior on the network.
6. Stolen credentials
The use of stolen credentials – as seen in the recent Nobelium hack – is a common attack vector due to the sheer number of stolen passwords available on the dark web. These credentials can be used to distribute phishing emails or access corporate systems.
Basic steps your organization can take include preventing password sharing and reuse, multi-factor authentication, and continuously monitoring for exposed credentials.
7. Unpatched applications or servers
Patching is one of the easiest things security teams can do to address known vulnerabilities and security flaws in IT systems. Yet, this basic cybersecurity hygiene measure is often overlooked due to the sheer scale of enterprise systems, volume of updates, and lack of resources.
The consequences are severe. BitSight discovered that less mature patching programs increase ransomware risk sevenfold.
As cyber criminals continue to exploit outdated systems to carry out massive attacks, take steps to continuously assess your network for unpatched systems, prioritize areas of disproportionate risk, and allocate resources where they have the greatest impact on security performance.
Evaluate and report on risk mitigation efforts over time
Of course, an effective cyber risk strategy to address these attack vectors also involves a regular review of your security program performance. Here, BitSight can help. Security ratings are updated on a daily basis, so you always have the latest information at your fingertips to evaluate how your security posture is changing over time and track how your investments are moving the needle on risk reduction.
BitSight can also help you communicate effectively to various stakeholders, including executives and board members – in a non-technical, risk-based language that they understand. Learn more about How to Talk to Leaders About the Importance of Risk Management.