Evolving Cyberthreats Lead to Evolved Cybersecurity

With more people working from home, cybersecurity is more important than ever. Threat actors are becoming increasingly bold in their attacks and ransomware continues to be the preferred method of infiltration. Cybersecurity experts, however, are also adapting with the times by focusing on a previously overlooked aspect of ransomware attacks: dwell time.

According to cybersecurity news outlet Dark Reading, “dwell time” refers to “the length of time an interloper remains undetected inside the network.” They note that traditionally, ransomware attacks operate under “smash-and-grab” tactics. Where, once downloaded, malicious files attempt to encrypt as many files and workstations as possible. Now, though, these files are lingering, allowing operators to lurk in the shadows of a targeted network, studying how it operates and identifying valuable resources to exploit or hijack for bigger payoffs.

With the stakes raised, cybersecurity experts are now changing their tactics, no longer trying to keep hackers out, but assuming they have already infiltrated. This new approach has identified three ways to reduce attacker dwell time. First is through regular network penetration testing, which allows experts to determine how prone a system is to compromise and how those security risks can be patched. (For example, BMS’s cloud systems are tested each year by LMG Security, the results of which can be viewed here.) Second is by correlating network intelligence. As attackers move through a compromised network, they leave small traces of metadata (breadcrumbs, if you will) behind. Experts can then combine these traces into a unified picture to determine if a system is compromised. Third, experts recommend a zero-trust framework, software created to limit access privileges in lieu of traditional forms of verification, which makes it difficult for attackers to lock people out of their own networks.

Despite attacks being on the rise, it’s reassuring to know that cybersecurity experts are just as voracious about security as hackers are about exploitation. Still, it is recommended that, while working from home especially, to be safe while surfing. Don’t open emails from people you don’t know, and certainly don’t click any links within. For added security, IT experts recommend utilizing a virtual private network (VPN).

And just as a friendly reminder to all our clients: with fiscal years coming to an end and W2, 1095, and 1099 filing just around the corner, remember to file your information safely through secure channels. For more information, refer to the IRS’s Filing Information Returns Electronically (FIRE) instructions and the Social Security Administration’s security policy.

Share This Post:

This entry was posted in Best Practices, BMS Tech Tips, Latest News. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Both comments and trackbacks are currently closed.