The range of tools for cybercrime is growing but, if you play it smart, you can avoid the pitfalls.
New channels quickly open up for cybercrime, but the means of protection are also becoming more varied. This is what Petri Ramu, product manager in charge of DNA's information security services, stated at the cybersecurity seminar of Finnish hospital districts on Wednesday.
The new possibilities opening up for cybercrime are side-effects of the Internet of Things. According to Gartner's assessment, for example, the number of connected devices will triple by 2020.
On many devices, information security is weak or even non-existent. Unprotected devices are excellent tools for denial-of-service (DoS) attacks. In September, a DoS attack considered to be the largest in the world was discovered; according to unconfirmed sources, it utilised nearly 150,000 Internet cameras and digital recorders.
Attackers may use ordinary devices such as baby monitors or industrial control units.
Targeted attacks are thoroughly planned operations, the objective of which is to quietly transfer information from internal networks of organisations. In this case, attackers aim to remain hidden in these networks. Because the malware used by attackers is customised, regular antivirus software offers no protection.
Commercial attack services, which also offer support services to their customers, are available to less skilled criminals.
Remember to pay attention to Dave!
More and more services are also available for defenders. For example, telecom operators offer a service that automatically detects and weakens DoS attacks and filters malware. DNA detects such attacks every day.
When it comes to defence, investments in technology alone are not enough; defenders must also know how to use this technology. While technology may fill its role in defence, it is people who draw the larger picture of an attack, and they cannot be replaced by mere technology.
Not everything can be protected with full certainty. That is why it is important to assess what data and what functions are critical. The ground rule is that it is vital to protect boundary areas of the network using information security solutions between the public Internet and the internal network. Similarly, basic solutions include the identification of applications, the prevention of attacks and the filtering of malware. If software is properly updated, the area susceptible to attacks will be significantly smaller.
Not even the best firewalls, encryption methods or antivirus programs help if people do not follow instructions. Most vulnerabilities are caused by negligence or carelessness. This happens, for example, when “Dave” finds a golden USB stick marked “management salaries” in his company's parking lot and inserts it into his computer. Other common causes are email attachments, interesting websites and social media.
Personnel training is an important part of information security. When employees understand how common attacks are and what their consequences can be, they will no longer undermine strict routines.
Other significant steps in terms of information security include:
- Information security planning at the beginning of digital projects
- Plans required for the management of information security risks from the operator you are working with
- Repair of basic technical issues
- Verified information security on all employee terminals
- Classification of data on the basis of its criticality and definition of the correct storage location for each criticality class
- Secured identity and management of user rights
These steps help organisations reach a higher level of information security, which in turn reduces risks, secures uninterrupted operations, increases reliability in the eyes of customers, and helps reach business goals.