The Increasing Attack Surface in 2019
The “attack surface” is simply the total digital resources that are exposed to threats across the enterprise, and that attack surface is growing faster than ever before.
In 2018, we saw a new level of criminal creativity in the way of adversarial AI algorithms, designed to do everything from creating a video of a former US President saying things he did not say, and another algorithm that tricked smart cars into believing that a stop sign was a 45 km/h speed limit sign.
According to a Webroot report, 87 percent of cybersecurity professionals in the U.S. leverage AI capabilities when developing security measures. However, 91 percent of these professionals also believe that technology is a double-edged sword since hackers can use it to launch even more sophisticated cyber crimes. Even the software we use to try and protect enterprises from threats can become another attack vector.
The Internet of Things (IoT) has also increased the attack surface as more and more endpoints are connected to enterprise networks, and routers were a popular target for growing waves of attack.
Everything from software to physical infrastructure, to networks, clouds, devices and applications are vulnerable, as threats rise with the digital tide, including the unstoppable increase in enterprise mobility and collaboration apps.
The “holes” are everywhere, and the only way to address vulnerabilities in enterprise networks and applications is extreme visibility into what is happening, in parallel with extreme security and control mechanisms.
While the trend shows the surge in the attack surface, there are some steps that can be taken to address this growth:
- Removing complexity: Complexity usually occurs when the policy management is poor and there is incomplete information that potentially leads to technical policy mistakes and allows access beyond what is necessary to fulfill the business requirements. Eliminating complexities reduces human errors and risks, and solid identity access management and privileged access management systems can help dramatically.
- Knowing vulnerabilities: Companies can take advantage of tools that enable them to identify their weak spots, using attack surface modeling, attack simulation, and patch simulation.
- Segmenting the network: Enterprises can architect their network into multiple networks, creating barriers for attackers who may wish to pivot in (for example, attacking an unprotected voice network to get to a valuable data network).
- Prioritizing analytics: Security configuration assessments, traffic flow analysis, and quantitative risk scores can be extremely effective in reducing the attack surface across all networks, clouds, databases, applications and data sharing systems (including APIs).
In 2019, the greatest areas of concern according to security experts include:
Internet of Things (IoT): The pace of IoT adoption has been tremendous over the last 2 years and will be stronger in 2019 as the 5G mobile standard evolves. However, there are some challenges to be dealt with, as with 5G, more devices will be connected which means a higher volume of data needs to be managed.
Supply Chain: With the increase of cloud-based services and sharing, companies and suppliers are sharing more and more data, and third-party risks rise as a result, unless security measures are put in place, from authentication to authorization – and all of this benefits from automation, driving demand for sophisticated software approaches as “manual” management of security across growing digital domains is impossible.
Employees: Nearly half of the attacks and breaches are caused by internal staff, and enterprises are responsible for the intentional or accidental actions of their employees, including in highly regulated industries. The enterprise must have policies in place and systems to enforce those policies, and audit activity in real time, ensuring only those employees who need access to resources gain access.
We live in a hyperconnected world, with IP traffic exploding, and over 3 zettabytes of annual IP traffic expected by 2021.
Half the world’s population uses the Internet and 125 billion IoT devices are expected by 2030 according to some analysts’ forecasts.
As businesses become increasingly digitized, the attack surface will continue to grow – there is no reversing this.
All this complexity along with the constantly evolving nature of threats is leading to more and larger incidents, and as the spending by cyber criminal organizations is pegged at roughly 10X more than the spending by enterprises to fight threats (according to a 2018 Gartner study), it’s time to take a closer look at how the business community, along with governments and organizations, can collectively step up to reverse this alarming growth trend.
Author: Mohie Ahmed