Insider Threats, Ransomware and DDoS Attacks - Most Feared Cyber Attack Vectors

SANS and Infoblox released the results of a survey, which revealed the top threats and security challenges that are putting company networks and data at risk.  Currently, ransomware, insider threats, and denial of service are considered the top three threats organisations face when securing the data.

Ajay Uggirala, director at Imperva, said: "It is no wonder that ransomware, insider threats and denial of service attacks are viewed as one of the most dangerous threats. Insider threats present a particularly serious issue because the perpetrators (wittingly or unwittingly) are already inside a network. As we’ve seen in past high-profile cases, data breaches caused by careless, malicious or compromised insiders are real and serious.

"Because the problem begins with users that have legitimate access to enterprise data, attacks from the inside can be present for long periods of time before finally being detected.  What’s more, costs associated with loss of data can run in the millions and lead to customer loss, brand damage and stock price decline.

"Ransomware is equally as damaging, as once a web application is compromised it is easy to plant ransomware to restrict access to the data that application is serving. It is important to protect the application itself by blocking web app attacks and denying account takeover attempts this can be achieved with security tools such as web application firewalls and fraud prevention systems, as we have seen illustrated by the devastating Not Petya and WannaCry ransomware attacks this year alone.

"DDoS attacks are also increasing sharply, due to their ability to disrupt some security measures and cause fatigue to the people in charge of the attack mitigation, forcing them to stay alert even in the quiet time between the attacks. In the first quarter of this year, we saw the number of such repeat assaults reaching an all-time-high, with over 74 percent of DDoS targets attacked at least twice in the span of that quarter. The cybersecurity threat landscape is more crowded than ever, in short."

Also Read

Stay in the know with our newsletter