Last year we saw an unprecedented increase in attacks by nation states, hacker groups, and rogue players. This year the threats can only be described as more and more complex with every passing month and they’re knocking on your network door. Here are the top 4 threats you need to do to prepare for:
Threat #1: Ransomware
In 2017, ransomware will remain the top threat
The risk is especially acute for small businesses. The chance of businesses closing due to a ransomware attack where data cannot be retrieved is over 60 percent.
Ransomware’s family introduced two new members this year.
- Doxware: This variant not only encrypts data but holds it hostage. If the ransom is not paid you could find your confidential data on
publicdisplay for the entire world to see.
- Popcorn Time: If the option of a payment is not possible, you can send the malicious code to two of your friends as payment to get your data back.
Here’s how to protect your clients from this threat: Use an endpoint protection solution that includes a sandboxing program that scans documents and other attachments for malicious code before allowing the user to open them. Employee training is also effective in curbing malware. Look for a vendor that does social engineering awareness training.
Threat #2: Distributed Denial of Service Attack
Distributed Denial of Service Attacks (DDoS) increased 125 percent in 2016. The largest attack to date involved an attack on a French cable and internet provider in Q4 of 2016. The attack occurred at a rate of 1.2 terabytes downloaded per second. If you compare the cable providers attack against an attack on Krebs Security several weeks before, it was an increase of 50 percent.
DDoS bot armies can be rented for as little as $38 dollars per hour and cause $40,000 or more per hour in business disruption.
Protect yourself and your clients by using DDoS appliances that detect and defend against network flood and application layer attacks. Appliances like these use real-time analysis and behavioral analytics to defend against this threat.
Threat #3: Malware
Cyber threat reports in Q3 of 2016 show that 18 million new malware samples were captured.
In 2017, malware will evolve with the current
Malware easily avoids detection by mutation variants that don’t match existing signature files rendering antivirus software ineffective. Now these “
One way to protect your customers is to use behavioral analysis-based appliances and web services that use sandboxing and processor-level activity detection to pick up where the latest signature file-based antivirus products fall short.
Threat #4: Phishing
Phishing technique variants include spear phishing, clone phishing, and whaling depending on the selected target.
These techniques deal with the human factor of a business. Through the use of social engineering and email spoofing, employees are manipulated into giving out sensitive information for what an employee assumes is a legitimate reason. Often these imposters use phone calls, emails, or legitimate-looking websites to collect information from unsuspecting victims.
Facebook, Twitter, Instagram, and
In these cases, you can protect networks by educating employees to recognize suspicious- looking emails with typographical errors, poor grammar, or foreign origins. The human factor is often an overlooked aspect of network security.
Security has moved from a defensive position with traditional tools such as antivirus and antispam solutions relying on known threat databases to proactive techniques that use behavioral analysis and threat inspection. These tools bring the fight to the hacker and the malware they create.
Tech Data Security is here to offer you solutions and strategies to keep your customers’ security strong and up to date. The cyber threat landscape is always changing, as are the tools and knowledge to combat it. Take the first step to ensure that you and your customers have access to our extensive line of world-class security vendors and services. Click on the link below to see what Tech Data can do to grow your security business, and keep your customers protected.
About the Author
Chris Parisi is a pre-sales engineer and architect for Check Point security products. He conducts pre-sale consulting and training for Tech Data partner resellers and managed service providers, along with compliance training for security requirements for PCI, SOX and ISSA BMPs. Chris is currently working on Check Point Certified Systems Administrator Certification and CISSP Certification.
He is a liaison between technical administrators and decision makers during Check Point implementation projects, and designs solutions for customers based on RFP and recurring sales.