8 Ways to Halt Cyber-Attacks

February 9, 2021 | Reskill Your Workforce | 3 min read

Recent Cyber-attacks 2020

Known cyber-attacks are well documented and understood. The MITRE ATT&CK framework, a Web-based database, identifies 291 unique tactics. Many tactics are repeated by known adversary groups because they work. Detecting intruders is a difficult business, and intrusions often go unreported for months.

We accept as reality that cyber-criminals spend every waking hour inventing new, more damaging methods of doing harm. The simple truth is that nearly 80% of all attacks are known tactics repeated by identified adversaries. Once inside, invaders avoid detection and move laterally.

Detecting invaders requires a combination of expertise, process and tools, and steadfast vigilance. Sadly, the majority of intrusions go undetected until after the damage has been done.

How confidently can you answer these questions about your organization if a cyber-attack goes undetected?

  • What is at stake if the news of your attack goes viral?
  • Will you be able to compete effectively after losing customer trust?
  • Can you survive a loss of intellectual property?
  • Are you protected from hackers and malware contaminating your data?
  • Does everyone in your organization know they are responsible for cybersecurity?

At stake is your brand image and company reputation. Trust is a function of data integrity and confidentiality and is not easily restored. Losing intellectual property can tip your balance sheet into a tailspin. Everyone in your organization is responsible for detecting cyber-crimes and developing the skills to be a successful security champion.

Detecting cyber-crimes and developing security skills

Stopping bad habits and closing windows of exposure won’t make detecting intruders any easier, but it will reduce the vulnerabilities and the number of attacks. Below are 8 things to stop doing that will improve cybersecurity:

#1

STOP assuming everything is safe:

For too long, we have accepted weaknesses in the software supply chain. We must be more diligent about putting pressure on the supply chain to demonstrate proof of deep security scrutiny from third-party software.

#2

STOP fighting the last war:

The SolarWinds attack from Russia occurred because security experts were looking for a different tactic that was deployed successfully in the past. We clamped down on hackers while the state-supported adversaries implanted malware and evaded detection.

#3

STOP creating opportunities for harmful SQL injections:

Web forms are a favorite entry point for intruders, who insert SQL commands rather than the requested information into seemingly benign forms. Undetected, invaders can access underlying databases and make malicious changes to data or SQL commands. SQL injection is one of the oldest invasion techniques that still works unchecked.
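The difference between a form handler that invites injection and one that does not, shown as an added example that is not part of the original post. The table, the function names and the sample rows are constructed for illustration; it uses Python's built-in sqlite3 module.

```python
import sqlite3

def make_db():
    """In-memory database holding constructed sample customer rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (email TEXT, card_last4 TEXT)")
    db.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [("alice@example.com", "1111"),
         ("bob@example.com", "2222"),
         ("carol@example.com", "3333")],
    )
    return db

def lookup_vulnerable(db, email_field):
    # The form text is pasted into the statement, so the database parses
    # whatever the visitor typed as part of the SQL itself.
    query = ("SELECT email, card_last4 FROM customers "
             "WHERE email = '" + email_field + "'")
    return db.execute(query).fetchall()

def lookup_parameterized(db, email_field):
    # The ? placeholder binds the form text as a value only; quotes and
    # keywords inside it are compared as literal characters.
    query = "SELECT email, card_last4 FROM customers WHERE email = ?"
    return db.execute(query, (email_field,)).fetchall()

def compare(email_field):
    """Row counts returned by each handler for the same form input."""
    db = make_db()
    return {
        "vulnerable": len(lookup_vulnerable(db, email_field)),
        "parameterized": len(lookup_parameterized(db, email_field)),
    }

if __name__ == "__main__":
    # Constructed inputs: a normal address, then text that rewrites the WHERE clause.
    for field in ("alice@example.com", "x' OR '1'='1"):
        print(repr(field), compare(field))
```

With the concatenated query the second input returns every customer row; with the bound parameter it matches nothing, because no customer has that literal string as an email address.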

#4

STOP skipping security patches and updates:

Fixes are often the consequence of vulnerabilities discovered during attacks. The difficult detection work has already been done for you. Apply fixes and updates without delay. They aren’t optional.

#5

STOP using 3rd party APIs without security acceptance testing:

Similar to #1 above, APIs are the most attacked code and expose back-end systems and Web browsers.

#6

STOP configuring Cloud deployments without adequate security policies:

The public cloud is safe with extensive security infrastructure. However, transitioning to the Cloud doesn’t mean the end to security concerns. All the basic principles of security still apply.

#7

STOP rapid-fire deployment of new software releases without protected CI/CD (continuous integration, continuous delivery) DevOps processes:

Detecting attacks is more difficult when new releases push live weekly, daily, or even hourly. Protecting Cloud systems is an example of the intersection of people, policy, and technology.

#8

STOP assuming compliance with standards like NIST (National Institute of Standards and Technology) is the same as adopting security principles:

Both are valuable but serve different objectives.

The SolarWinds attack was a wake-up call, unlike anything we’ve ever seen before. It was a Cyber Pearl Harbor. Fighting back hinges on better prevention and detection of cyber-attacks. Stopping practices that invite intruders is a good place to start.

Skills to support threat detection