Why Automated Security Threats are Proliferating and How to Fight Back
We’ve written before about the importance of looking inward, rather than out, when it comes to evaluating what types of cyberattacks are the biggest threat to your unique organization. A large part of the attack landscape today includes automated threats. Rarely do we come across handcrafted attacks targeting specific organizations. A far cry from bespoke and laser-targeted, the vast majority of today’s cyberattacks are built for volume and trolling for the weakest point of entry.
So, what exactly are automated security threats and how can you best protect your organization from them?
Understand the Attacker Perspective
In most cases, attackers are looking for a good return on investment. It’s probably not worth it for them to sit in a room trying to breach a specific organization for weeks, unless you are talking about a nation-state or another organization with very specific goals. Much more common is the cybercriminal who just wants to make a quick, easy buck.
In fact, quite a few cybercriminals have realized that there’s more money to be made in building botnets that they can rent out to other people than in executing the cyberattacks themselves. Once you begin to look under the hood, it’s actually kind of amazing just how commoditized the cyberthreat landscape has become.
Specifically, when it comes to automated threats, you may want to spend some time familiarizing yourself with how these types of attacks work, how they breach systems, and how they persist. This can help your organization optimize security configuration and minimize risk.
The mechanics of automated attacks are important to understand when it comes to strategically building your defenses. Yes, if you work for a major defense company or a government agency, you may need to plan ahead for the possibility of a direct, targeted attack. But odds are you’re better off focusing on the low-hanging fruit like automated attacks.
Make Yourself an Unappealing Target
Automated security threats include things like botnets and exploit kits. In many cases, what these programs are doing is looking for common weaknesses. They go after known vulnerabilities that many organizations have not gotten around to patching, because it’s much easier than developing exploits for zero-day vulnerabilities.
Because these are not cutting-edge vulnerabilities, it’s another case of our favorite analogy: You don’t have to run faster than the bear. You just have to run faster than the other guy.
We’ve written in some depth about what it takes to make yourself an unappealing target. It’s not about perfect security (impossible), but about good security (achievable). In our view there are a few key steps:
- Understand how hackers think (as we mentioned above) — in this case, understand why they use automated tactics and how they work.
- Ignore the headlines and remain focused on real threats to your business.
- Prioritize and address vulnerabilities.
As far as the third bullet is concerned, it helps to adopt a mindset of continuous security improvement. There’s always more to be done, so if you can prioritize the steps you need to take and methodically work to check them off the