The number of ransomware attacks surged from about 3.8 million in 2015 to approximately 634 million attacks last year, according to the SonicWall 2017 Annual Threat Report. But worse is yet to come since these attacks are poised to “become more creative as attackers identify more repositories of valuable data that they can exploit,” says Scott McCrady, SonicWall’s vice president who heads the Asia Pacific Japan region.
McCrady observed how the global WannaCry attack aligned with cybercriminals’ increasing focus on poorly secured websites and databases on the web. “At the same time, we saw the rise of new cyber threats that targeted organizations of all sizes and led to serious financial consequences for many,” he adds. “The Philippines, for instance, suffered its worst election data breach in history with the personal information of 70 million people compromised by hackers. In Singapore, the DDoS attacks on StarHub’s broadband network were unprecedented in scale – with the telco hit by two waves of attacks within a span of three days.”
Uptime at stake
Also adding to the risks faced by organizations are Internet of Things (IoT)-based distributed denial-of-service (DDoS) attacks that frequently target e‐commerce sites and others that heavily depend on uptime for profitability.
Still, amid the gloom, security teams have tasted success in fending off attacks that would have caused damage in the past. SonicWall reported a drop in the volume of unique malware attack attempts for the first time in years, from 8.19 billion in 2015 to 7.87 billion last year.
However, for businesses looking to digital transformation to drive IT innovation, enhance workforce mobility and reduce risk, a new breed of network security solutions that deliver more than just breach detection is required.
Organizations will have to rethink their needs for IoT security as the growing number of connected devices used by mobile workers and vendors significantly increases their exposure to cyber attacks. The WannaCry attack also shows how quickly and widely an attack can propagate. “Organizations require breach prevention capable of handling threats delivered by any vehicle including web and email, over encrypted or unencrypted traffic, across any network including wired and wireless, and for not only PCs but tablets, smartphones and IoT devices,” McCrady suggests.
Indeed, a major concern is the governance and risks associated with greater use of automation, smart machines and IoT for businesses. Compromised IoT devices were used to mount massive-scale DDoS attacks in 2016, providing an enticing attack vector for cyber criminals.
McCrady offered several reasons for the surge in IoT attacks. “IoT developers and start-ups have been under pressure to beat competitors to market, often leading them to launch their devices without fully baked security features in place,” he says. “That same lack of security focus means unsecured on-boarding experiences in which users are never presented with an option to change their password from the default.
“Furthermore, when cyber thieves discover a weakness in a device’s firmware, they could exploit it ad infinitum, as the manufacturer rarely has a team dedicated to updating and patching those issues or informing users they’ve been compromised.”
Hence, the lack of regulations, guidelines or accountability for IoT device makers leads to a high likelihood of security gaps that cyber criminals can readily exploit.
For example, attackers leveraged hundreds of thousands of IoT devices with weak telnet passwords to launch DDoS attacks using the Mirai botnet management framework in late 2016. The attacks on hosting company OVH and DNS service provider Dyn, in particular, brought down prominent websites including Airbnb, Netflix, Reddit, Twitter, Spotify and many others.
“While the exact cost of these attacks has not been revealed, DDoS attacks in general are estimated to cost businesses an average of $22,000 per minute, with the cost ranging as high as $100,000 per minute,” McCrady points out. “With the average DDoS attack lasting six hours, the financial impact can be enormous.”
In response, SonicWall aims to help businesses refocus their cybersecurity strategy from breach detection to breach prevention. “To prevent IoT devices from falling victim to a DDoS attack, SonicWall recommends that devices are protected by a next‐generation firewall which scans for IoT‐specific malware like Mirai,” McCrady says. “It is also critical to segregate all IoT devices on a separate zone from the rest of the network in case the device becomes compromised.”
The SonicWall Capture Labs, meanwhile, provides IT organizations with the visibility and intelligence to identify vulnerabilities in all categories of IoT devices, including smart cameras, smart wearables, smart homes, smart vehicles, smart entertainment systems and smart terminals.