Imagine you came into work one morning, turned on your computer, and weren’t able to access your company’s network. You may think the Wi-Fi is down or there’s a blip in the Ethernet, but then you start getting flooded with phone calls from other employees: They can’t access anything on their mobile phones, tablets, laptops … anything that requires connectivity to your company’s network. No matter what your IT team does, you’re still locked out of your network, servers, and applications.
This isn’t just any outage – it’s a Distributed Denial of Service cyberattack (DDoS), and it’s happening more and more frequently. You need to make sure you’re ready for it – otherwise you could face a tremendous disruption in business, lose money, and have to rebuild trust with your employees, customers, and clients.
DDoS attacks use junk data, usually sent from compromised machines or devices, to render a network, server, or application unavailable to legitimate users.
How can this happen? Increasingly, unsecured Internet of Things (IoT) devices such as video cameras are the source of this attack data. The more devices that are reliant on an internet connection, the easier it is becoming for bad actors to use these types of attacks to penetrate your IT environment and exploit your data. IoT isn’t going away – a recent study by PricewaterhouseCoopers (PwC) finds 63 percent of companies are planning to deploy IoT devices in the next year. IoT devices are estimated to grow from 20 billion last year to 51 billion by 2023.
You may think the answer is simple – secure IoT devices. The same PwC study also found that two-thirds of companies surveyed have an IoT security strategy in place or currently are implementing one to address the emerging risks of these devices. However, it isn’t so simple. The security mechanisms on IoT devices often are disabled by default, and security patches for the systems often are unused, allowing attackers to compromise them and use their collective bandwidth to steal your data. The distributed supply chain in which IoT devices are created and sold adds to the problem. There are three major players in IoT device manufacturing and selling:
Layer 1 is busy making the next chip, while Layer 2 is upgrading its product to work with the next chip. Maintaining older chips and products isn’t a priority. Even if you have a brand new smart watch, chances are the software components are four to five years old. The result is that hundreds of millions of devices are sitting on the Internet, unpatched and insecure. Hackers know this, and they’re working tirelessly to exploit this weakness and launch cyberattacks.
Despite the growing risk, the majority of attacks remain under the radar. Experts are finding that criminal DDoS attacks driven by extortion are coming to the fore once again. Hackers often contact businesses at a large scale and demand a bitcoin payment to prevent a DDoS. The majority of extortion attempts likely go unreported and uninvestigated. One trend fueling the rise of DDoS-extortion threats is the availability of DDoS-as-a-service. Cybercriminals rent their botnet to anyone willing to pay as little as a few dollars an hour, meaning no technical ability is required to launch attacks.
Lawmakers and regulators are trying to pressure companies to strengthen IoT security. A bipartisan group of senators introduced a bill recently that would set security standards for IoT devices. In January, the Federal Trade Commission fined VTech Holdings Ltd. $650,000 for “failing to use reasonable and appropriate data measures” for an internet-connected toy.
As we’ve seen before, though, legislation and regulation take time to go into effect. Hackers aren’t waiting, and neither should you. How can you start to close the door on DDoS attacks on your enterprise?
First and foremost, you need to understand what’s critical to your business through a vulnerability assessment. A vulnerability assessment isn’t an opportunity to play the blame game. It’s an audit of what you have today in order to plan for a more secure tomorrow. Then, look for a managed security services provider like US Cloud, which has endpoint security services that will ensure any device that is accessing your network won’t be susceptible to hackers trying to penetrate your enterprise’s defenses.
Using our next-generation anti-virus and activity recording for all your endpoints, US Cloud comprehensively monitors and protects your operating systems and infrastructure from cyberthreats. Contact US Cloud and get a quote today to ensure you’re not the next victim of a DDoS attack.
Cloud services offer efficiencies and productivity, agility, and cost savings. There is no question that it makes a lot of sense for many organizations to move to hybrid cloud solutions.
Many IT leaders are understandably hesitant about moving their IT infrastructure and critical workloads to the public cloud. In addition to public cloud security issues, they’re worried about losing visibility and control of their IT resources and data.
Ironically, many IT leaders don’t really know what’s in their IT environment, which means they have less visibility and control than they think. Recent ransomware and wiperware outbreaks have illuminated how few organizations have accurate records of what IT resources were operating in their environments, or even the status of the known systems. While this is due in part to the rapid adoption of things like shadow IT, it is also frequently the result of such things as personnel changes, mergers, and acquisitions. For many organizations, conducting a full network analysis before transitioning some of their network resources to the cloud is the first time an IT leader is able to scope a full and accurate view of what their IT environment looks like.
That has to be done before you can secure your hybrid cloud environment.
IT leaders need to know the delineation of responsibility between them and their cloud provider. That depends on whether their cloud provider is Infrastructure as a Service (IaaS), Software as a Service (SaaS), or Platform as a Service (PaaS).
A clear understanding of how much of the stack they are responsible for managing will drive the strategy for securing their hybrid cloud environment.
Key strategies include knowing what’s running on your network; where those things are being used and where users are connecting; why they are being used; and who is using them and when.
Then, turn off what is not being used.
Credential management is the biggest risk. Lots of cloud services are set up with security as an afterthought. Non-IT-trained people are setting up sharing services with things like non-expiring links, so confidential and proprietary information is sitting outside your network.
An emerging trend is that end users are setting up cloud services without considering the three tenets of information system management that IT professionals are trained to ensure – accessibility, availability, and security of information.
You don’t have someone handle the company finances who doesn’t know anything about accounting. Yet, we see companies letting unqualified personnel put the company’s proprietary information, the crown jewels, outside their network so that company data can walk out the door with them if and when they leave.
Contact US Cloud to discuss your unique hybrid cloud security needs, roadmap your hybrid cloud security plan, or get pricing options for managed security services.