Nontraditional channels open new avenues for cyberattacks, report warns
GREG GRIESSEL Cisco advises companies to look at their infrastructure and systems holistically to identify unprotected or vulnerable systems that can be exploited or breached
Overlooked legacy systems and static devices are creating new avenues for cyberattacks, says Cisco South Africa Security Solutions consulting systems engineer Greg Griessel.
Cisco’s ‘Midyear Security Report 2014’ highlights that many of the exploited vulnerabilities include older devices and legacy systems in industries that are not commonly targeted and, thus, often remain vulnerable to cyberattacks, such as the food and beverage, agriculture and mining industries.
“Cisco’s dedicated security intelligence and research group, called Talos, found that more attacks are occurring and more creative attack vectors are being used. For example, point-of-sale devices are being used to infiltrate company networks to launch further attacks on other internal and supposedly secure systems, as these devices are typically static and never updated or protected.”
The report also notes that threats posed by mobile devices in companies’ networks constitute an area that is in flux and could pose increased threats to companies’ data in future.
Mobile devices that are often not properly secured are allowed onto the company’s in-house network, introducing threats and vulnerabilities to otherwise secure networks of security-alert companies.
Talos identifies the main types of cyberattacks as malware websites that people are redirected to, bot-net attacks that use compromised devices on the inside of networks to launch larger attacks on the networks and theft of encrypted data to decrypt, extract and use the stolen information for cybercrime.
“Many organisations focus on high-profile vulnerabilities and on high-level protection, such as firewalls and intrusion detection and prevention. However, low-profile legacy applications and infrastructure, which are often overlooked, unprotected and not updated, are vulnerable to breaches and attacks,” Griessel explains.
Cisco advises companies to look at their infrastructure and systems holistically to identify unprotected or vulnerable systems that can be exploited or breached.
Griessel says companies must have visibility of the traffic on their networks and the context of each process, which includes user behaviour, devices and connections, to determine normal operational traffic on networks. This information is then used to identify abnormalities in network traffic and user behaviour, which are then flagged as potential breaches or threats that are investigated further, he adds.
Most companies can gather sufficient information from the equipment in their networks to implement a security monitoring system. Crucially, companies must always conduct thorough investigations of breaches and attacks after they have occurred to ensure that vulnerable areas are secured and to improve the security of their networks.
“Talos found that some bot-nets existed in companies’ networks for two years before being used to carry out an attack. This is why traditional cyberprotection strategies must be augmented by monitoring and analysis of internal networks to identify and manage threats and risks,” concludes Griessel.
Comments
Announcements
What's On
Subscribe to improve your user experience...
Option 1 (equivalent of R125 a month):
Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format
Option 2 (equivalent of R375 a month):
All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors
including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.
Already a subscriber?
Forgotten your password?
Receive weekly copy of Creamer Media's Engineering News & Mining Weekly magazine (print copy for those in South Africa and e-magazine for those outside of South Africa)
➕
Recieve daily email newsletters
➕
Access to full search results
➕
Access archive of magazine back copies
➕
Access to Projects in Progress
➕
Access to ONE Research Report of your choice in PDF format
RESEARCH CHANNEL AFRICA
R4500 (equivalent of R375 a month)
SUBSCRIBEAll benefits from Option 1
➕
Access to Creamer Media's Research Channel Africa for ALL Research Reports on various industrial and mining sectors, in PDF format, including on:
Electricity
➕
Water
➕
Energy Transition
➕
Hydrogen
➕
Roads, Rail and Ports
➕
Coal
➕
Gold
➕
Platinum
➕
Battery Metals
➕
etc.
Receive all benefits from Option 1 or Option 2 delivered to numerous people at your company
➕
Multiple User names and Passwords for simultaneous log-ins
➕
Intranet integration access to all in your organisation