Learn to find it before they do
Source: Regent University
Cybercrime is nothing if not dynamic. As soon as bad actors are identified by local site personnel—whether they are adversarial nation states, crime syndicates or hacktivists—they change tactics. And all the while new players enter the field to disrupt and dismantle organizations and steal vital information for their gain.
It’s estimated that within two years, cybercrime damage—realized in financial loss, business disruption, and mitigation costs—will reach $6 trillion, and cybersecurity spending will exceed $1 trillion.
In its recently released Internet Security Threat Report, the security company Symantec reported that while ransomware and cryptojacking are on the wane due to diminishing returns, a new threat, formjacking, has taken their place as a top threat.
With formjacking, cybercriminals inject malicious code onto retailers’ websites to steal credit card information. Small, mid-sized and international businesses have been hit with it, resulting in untold millions of dollars lost.
The report also indicated that in 2018, Living-off-the-Land techniques, in which attackers hide in plain sight by using native tools already installed on a targeted computer, increased. Supply chain and malware attacks increased as well. Internet of Things devices—smart lightbulbs, TVs, refrigerators and the like—remain a soft point of entry for attacks.
“What do all of these attacks have in common?” queried Don Murdoch, a SANS-certified GIAC Security Expert (GSE) and the associate director of Regent University’s Institute for Cybersecurity.
“They share some sort of agent or threat vector which allows the adversary to meet a particular objective,” he explained. “Threat agents are the means by which a threat connects with a vulnerability in an information system, a business relationship, a supply chain component, or some other valued aspect of the targeted organization.”
Murdoch, author of two industry-impacting books, “Blue Team Handbook: Incident Response Edition” and “SOC, SIEM, and Threat Hunting Use Cases,” advised that end users and the applications or services that they use are major sources of attacks in the modern cyber battlefield.
“There are several agents, or vectors, that can be used to deliver an attack capability to the end user. They could be attachments in email, a link which successfully exploits a browser or a USB drive seeded in the parking lot,” he said.
Murdoch said that with the increased pressure on the American worker to be “always connected,” the threat agent is extended to their tablet, home PC and smartphone.
“These systems may be just as susceptible, or perhaps even more so, than the end user. For example, how hard would it be for someone to physically take an active unlocked cell phone?” he questioned. “What would happen if that smartphone belonged to an executive and the attacker sent an email directing employees to download an infected file by 5 p.m. in order to be compliant with a new program?”
To prevent the negative results from all of the above, Murdoch said that it is imperative that organizations ensure that their IT and security staff, and all technical controls, are capable of intercepting and stopping attacks. He suggested business leaders ask themselves these questions:
“Why are we likely to be breached?
What is our most valuable data that an adversary would want?
How can a determined adversary find the chink in our armor?”
An effective way to deter that, which is employed on Regent’s state-of-the-art cyber range, is through Breach and Attack Simulation (BAS). This technology platform deploys an automated attack method from a known good source in order to test the strength of the security tools in operation.
Along with BAS, Regent’s world-class instructors employ the most up-to-date strategies and educational methods to teach trainees how to effectively combat cybercrime.
With 20 globally accessible cyber range workstations, Regent provides immersive, hands-on training that closes the gap between theory and practice. It provides trainees, whether professionals in the field or students in the classroom, with the practical experience needed to prevent, identify and respond to tomorrow’s cyber attacks.
Live-fire simulation training™ starts with platform and tool orientation before moving into live-fire attack simulations depicting real-world cyber-attacks on traditional IT and Industrial Control System (ICS) networks.
Trainees work through increasingly difficult scenarios, ranging from Web Defacement and SQL Injection to more sophisticated attacks such as ransomware, and perform investigations using enterprise-grade tools found in many governments and Fortune 500 companies.
Regent University’s Institute for Cybersecurity is located in Virginia Beach, Virginia. It has been designated as a National Center of Academic Excellence in Cyber Defense Education by the National Security Agency and the Department of Homeland Security for its bachelor’s in cybersecurity. Home to one of the nation’s most powerful and agile commercially facing cyber simulation ranges, the institute is dedicated to closing the gap between classroom theory and practical, real-world proficiency.
Regent offers a series of courses under the Certified Cyber Practitioner™ (CCP™) program with the option to earn the CCP™ certification, range training using live-fire simulation training™, plus associate, NSA-accredited bachelor’s, and master’s degree programs in cybersecurity.
Regent’s Institute for Cybersecurity is disrupting and transforming the cyber defense industry with a state-of-the-art training platform and world-class trainers. To learn more about cyber training opportunities, visit regent.edu/cyber or contact the institute at 757.352.4215.