As 2018 draws to a close, cybersecurity breaches continued unabated to make headlines and causing widespread damages to enterprises. The truth is that the nature of the threat from cyber-criminals is changing, becoming increasingly invisible, menacing and the attack surface broadening by the day, making it difficult to identify and protect from potential threats. From some recent attacks, we saw medium to large scale disruption to enterprise’s infrastructure, integrity compromise and loss of trust of its data. Cryptocurrency mining malware was one of the most prominent in exploiting human weaknesses. The modus operandi was to establish relationships with the target and then eventually execute the malware. It led to customer loss, legal actions and shareholder revolt. There are still gaps and attack vectors continue to elude traditional defenses. Enterprises globally continue to invest by implementing layered defenses, tools with artificial intelligence and machine learning, establishing processes & policies, monitoring & incident response. As enterprises move forward, they would continue to prioritize cybersecurity and data privacy.
Looking back at a couple of attacks which made headlines in 2018. This month in December, we saw over 500 million customers of the Marriot hotels exposed. As details of the breach emerge, this appears to be one of the largest in recent years, probably took four years before it got discovered. Earlier, in September, attackers exploited a security flaw in Facebook’s “View As” button to take control of about 90 million user accounts. Facebook still remains unsure when exactly this started and who were the possible culprits. Similarly, in September 2019, a breach involving stolen personal and financial data with British Airways (BA) affected about 380,000 transactions. It impacted BA’s operations for two weeks when their website and Apps suffered the “sophisticated” attack. Customers were also suggested to check their bank and credit card records for possible fraudulent transactions as a fallout of the data breach. Also, earlier, Google identified a vulnerability in a Google+ API. As a response, Alphabet, Google+ parent company decided to shut down Google+ entirely.
Overall, the breaches of 2018 remained at a consistent pace compared to the same time period of 2017. Mega-breaches and hacking concern persisted across all industries, the overall trend of ‘mega breaches’ continued. While larger enterprises are possibly more secure, small to mid-size enterprises are still vulnerable. There remains the difficulty in delivering the same level of security across, given the situation that every component of hardware and software may have security vulnerabilities, and it becomes nearly impossible without using AI to make sense of all the metadata being generated. Having a reliable security assessment approach, automated patching and closed-loop collaboration mechanism assume even greater significance today. Traceability of interactions between devices and applications will continue to be a challenge. Enterprises will face fatigue due to an overwhelming number of alerts and false positives requiring immense manual human investigation.