Getting to know today’s threats

Threat actors aren’t stupid. Really, they’re not. They know that the best way into an organization’s network is through users. People are the weakest link in any cybersecurity strategy. Why spend countless hours trying to hack into a business system when a simple email spun up to look legit or a trusted website infected with adware can get a user to unwittingly hand over the keys to the castle?

Such is the state of cybersecurity today.

The simple fact remains that the web and email are the two most important business tools today—and they operate largely outside the confines of the corporate firewall. So threat actors have evolved to target web browsers and email clients, taking advantage of users’ trusting nature to gain access to critical business systems.

It doesn’t matter whether users are browsing the web via open source Mozilla Firefox or a security-focused browser like Google Chrome. All browsers have security vulnerabilities that attackers can exploit. Specifically, active content is a key component of today’s browser exploits. Most of today’s active content is written in either Flash or JavaScript. These programming languages can be used to deliver a malicious script to the browser, where it can give an attacker control over and visibility into the browser’s operation and its vulnerabilities—all without the user’s knowledge.

The most common email- and web-based attacks:

Zero-Day Malware:

• Continues to evolve a step ahead of most IT organizations’ security controls
• Attackers may be sponsored by nation-states or organized crime groups, which provide the resources necessary to develop and execute an advanced persistent attack

Ransomware:

• Type of malware that locks the user or organization out of their device or files and threatens to publish the victim’s data or permanently block access to it unless a ransom is paid
• Even if payment is made, there’s no guarantee that the adversary will deliver on his promises

Phishing:

• An email to a group of recipients under the guise of a company or a well-known brand
• Considered the most effective attack method, boasting a 4 percent success rate
• Includes no third-party reputational data that can be analyzed internally and that would accurately identify the email as a phishing attack

People remain the largest threat to an organization’s cybersecurity. The majority of today’s threats target users on the web and use email to direct users to view or download malicious content. Threats such as malware, ransomware, and phishing attacks use browser vulnerabilities and people’s trusting nature to gain a foothold into critical business systems where they can do real damage.