Breaking News from WatchGuard: Trending Security Threats
WatchGuard’s Threat Lab works tirelessly to evaluate and analyze the latest in digital security threats. Using “data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet,” WatchGuard’s Threat Lab seeks to bring customers, clients, and partners insightful analysis about trending online threats.
Their most recent report honed in on four threats that could affect your network without proper precautions and security measures:
Malware comes in many forms, from virus-laden email attachments to downloaded trojans disguised as trusted software. Malware is any software that was created with the purpose of infecting and performing malicious acts on your computer or network. They find vulnerabilities and exploit them, releasing the malware to steal your data or limit your access to your own network.
According to the Threat Lab, “Using methods the criminals call “packing and crypting,” attackers can repeatedly change a malware file on a binary level, making it look different to antivirus software.” That means that antivirus products can miss this malware, even if they were previously able to identify it.
To meet the challenge of advanced malware, advanced antivirus tools must be used. WatchGuard offers tools like Threat Detection and Response (TDR) and APT Blocker to identify even the most evasive malware.
Trusted Wireless Environment
With over 8.4 billion (and growing) connected devices, there are more WiFi networks than ever before to meet the demand. Hackers and attackers are skilled at finding and exploiting unsecured connections in order to gain access to your confidential data. While they certainly do seek out information from the public, businesses have increasingly become the target of these attacks, costing billions of dollars in fines and breach remediation costs.
The WatchGuard Threat Lab has identified these six known wifi threat categories that leave your business vulnerable:
- Rogue access points, which allow attackers to bypass perimeter security.
- Rogue client, which deliver malware payloads to the network after connecting to malicious APs.
- Neighbow access point or client misassociation, which risks infection from connecting to other SSIDs while in range of the authorized AP.
- Ad-hoc network, which uses peer-to-peer connections to evade security controls and risk exposure to malware.
- Evil twin access point, which lures users to connect to it so as to spy on traffic, steal data, and infect systems.
- Misconfigured access point, which opens networks to attack as a result of configuration errors.
Business must update their wifi networks to more modern configurations that can prevent these types of attacks. The investment in your network today could save you thousands, or even millions, of dollars tomorrow.
Weak and Stolen Passwords
It’s not a secret that training your employees on password protection best practices is necessary, but is it enough? Cybersecurity experts say no. Instead, multifactor authentication must be incorporated as part of your everyday password routine in order to truly protect you from threats and data breaches.
People have an increasing number of online accounts, leading to the creation of simple (and weak) passwords that can be easily remembered. A 2015 Dashlane survey revealed that each person had over 90 online accounts, and had to reset their password using a “forgot password” link for 37 of those accounts in the prior year. It’s no wonder that people are seeking passwords that are easily remembered!
This leads to another problem– If an employee’s password is stolen outside of work, but it is the same password used for work accounts, it can easily be used to crack into the company network. This presents serious problems.
Ransomware is under the same umbrella as advanced malware, but works in a very specific way. It locks the device that it is targeting, either preventing the user from accessing it completely or encrypting files so that they cannot be used. They literally hold devices and files “for ransom.”
Once the device is controlled by the hacker, they will make a “ransom demand,” in which they demand payment in a specific timeframe and fashion in order to regain access. Newer ransomware programs, like Petya 2.0 and WannaCry, move through the network laterally and lock out the entire Master Boot Record on the victim’s computer. At that point, the victim can’t access even the operating system.
Educating your employees is necessary, especially when it comes to email phishing attacks and regular software updates to limit vulnerability. Beyond that, companies must implement protective measures that defend against these vulnerabilities when people can’t. WatchGuard’s Total Security Suite provides this defense against advanced malware and ransomware.