threats | TRW Interns

Top Cybersecurity Threats of 2024

September 27, 2024 by Azubuike Nwenewo

Cybersecurity threat is any criminal activity that has potential to take place through the use of computer devices and the internet. There are many types of cybersecurity threats today, they come from different sources technically known as vectors. Such sources may include state actors, terrorist groups, organized criminal groups, hackers, malicious insiders like; employee, supplier, vendor, competitor, etc. Contemporary world is increasingly being shaped and controlled by automation powered by artificial intelligence, internet-of-things, cloud infrastructure and others; dependence on digital handlers are no longer optional. This development comes with its inevitable security risks. Cyberspace has become the current battle field where criminal elements have continued to innovate various methods of attacks on existing vita resources. Knowledge of these attacks and the vectors is key to planning and implementing preventive and responsive security measures. In no particular order; see below highlight of some top cyber security threats of 2024. Social engineering: this sort of crime occurs when a cybercriminal deceives internet users to provide sensitive personal information; the information given is oftentimes used to commit various kinds of crimes against the person or the organization they represent. Social engineering plays on human intelligence and emotion; it uses of tricks and games to generate personal and confidential information from ignorant people and use same to commit further cybercrimes. Third party exposure: talks about level of potential cyber threats an organization is exposure to due to its relationship with vendors and suppliers within its information technology supply chain. Configuration mistake: otherwise known as misconfiguration, refers to errors in information technology system configuration settings; examples may include fraudulent dataset, hidden data, unstructured data, wrong formatting, failure to patch or wrong patch, non-configuration of firewalls, non-segmentation of network, not using multi-factor authentication, ignorant workforce. These mistakes can occur in any stage of development, deployment and operation of an information technology infrastructure. Artificial intelligence threat: this malicious act could occur when cybercriminals use AI techniques to exploit system vulnerabilities and launch attack. Mobil device threat: is a threat that take place through use of mobile device. Suffice to say that most known cybersecurity threats can occur via mobile devices. This power tool is also a powerful threat. Insider threat: Insider threat is any security risk that come from people within an organization. This maybe anyone who by virtue of their roles have access to sensitive information and other corporate resources capable of being used against the business. There are two types of insider threat. One is intentional threat, the other is accidental threat. The former is oftentimes premeditated and by impulse, the latter is by ignorance or accidental. State sponsored threat: this sort of event occurs when some rogue nation states sponsor or directly carry out cyber-attacks against fellow states, prominent organizations or individuals. DNS tunneling: this sort of attack allows hackers to bypass network security by using Domain Name System as conveyor for malicious data traffic. Tunneling is a powerful tool for hackers, and a serious threat for resource owners and managers. Ransomware: this event occurs when malware takes control, locks and encrypt a resource (this could be data, files, or system), render it inaccessible, then makes a demand as condition for its release. Trojan horse: is a virus that disguise as genuine or legitimate program to gain access to a system. Attackers oftentimes use social engineering as delivery channel for this sort of threat. Drive by attack: also known as drive-by download use “exploit kits” to launch automatic download of malware onto a system without a user’s consent. It is usually associated with compromised webpages or plug n play devices. Poor cyber hygiene: cyber hygiene means maintaining healthy cyber practices for security of systems, devices, networks and data. Main goal is to secure sensitive data against attacks. When this is lacking – poor cyber hygiene is the case. Example may include poor network security, lack of configuration management, lack of cybersecurity training for employee. Cloud vulnerability: this refers to weakness in cloud infrastructure which attackers can take advantage of and gain unauthorized access to data resources. Poor data management: this refers to fluid practices that negate the security of data resources. Cyber bulling: this sort of event happens when digital communication channel is used to send intimidating, assaulting and damaging messages to a target. Cyber stalking: this sort of event occurs when digital communication channel is used to track and harass a target (usually a person). DDoS attack: Distributed Denial of Service is a malicious act of disrupting and denying normal traffic flow to a web resource through the use of overwhelming requests that renders the resource incapable. Brute force: is a hacking method that applies trial and error to crack login credentials, encryption keys and pass words to gain unauthorized access to a network or account. It is reported that brute force success rate is rising; making it a simple and reliable tool for cyber criminals. Man-in-the-middle: also known as MITM or path attack occurs when a cybercriminal secretly intercepts and alters a flowing conversation between two parties without their knowledge or consent. Poor post incident management: this results when after-incident is not properly managed to prevent recurrence. Cybersecurity threats are a serious challenge to businesses. Managing it requires good understanding of different methods in which they may occur. What was discussed in this article is not exhaustive, as such there should be ongoing efforts to uncover and have good insight to more. ALSO READ Cybersecurity Threat Of Social Engineering

16 Trending Physical Security Threats Every Corporate Organization should Prepare to Deal with

September 20, 2024 by Azubuike Nwenewo

Physical security is responsible for overall protection of assets, people and information in the business place. Threat is any person, group, and/or activity that have potential to cause breach of security within a defined space. While the underlie principle of physical security has universal application; what may be defined or accepted as threat is relative to time and space. Threat is synonymous with loss as such, whatever is seen as security threat must elicit thoughtful concern from organization who might suffer its impacts. For instance, pilfering may seem inconsequential in most business setting however, if was not confronted and addressed it can run down a business. The starting point for any corporate organization is to put in place a functional security team who have capability to harness available resources to prevent or frustrate potential threats. Physical security threats are constantly evolving alongside modern society. This is largely influenced by workplace culture, technology, knowledge, socioeconomic factors, globalization, and available market. To stay abreast or ahead of this trend, an organization must build agility, resilience and dominance. What can shape the kind of physical security threats a business may face include type and size of such business, industry, location, leadership and regulation, policing and criminal justice system. Here is highlight of all-time physical security threats every corporate organization should prepare to deal with. Access breach – happens when people and/or materials enter or leave business premises without authorized approval. An organization with porous access management will struggle to exist. Any state or country characterize by border (land, water, and air) porosity will be overrun by criminality. General theft – this old stealth craft may occur in form of stealing, dupe/swindle, pilfering, shoplifting, diversion, shrinkage, padding, undersupply, cargo theft, siphon, fraud, etc. regardless of its form, it is a business killer. Vandalism – this threat is a property crime. It involves willful destruction of a company property Stowaway – this sort of security threat is applicable to aviation and maritime transport sector. It occurs when people illegally board an airplane or ship with intent to enter another country without following official protocol. Burglary – this refers to act of gaining illegal access into a locked building, room or office with intent to commit crime. Oftentimes it involves forceful breaking and entry; sometimes, it may happen with ease of access. Arson – this is act of intentionally setting fire on a property to cause loss to the owner or users. It may be influenced by a disease called pyromania or by vengeance or by criminal intent. Robbery – this old coercive craft involves act of violence through the aid of a weapon to take what belongs to others. Civil unrest – this may occur in form of riot, protest, demonstration, strike, picketing, lockout or lockdown. Regardless of how it happens, it can cause business disruption. Kidnapping – involves abduction or hostage taking of people with aim for a gain. Identity theft – this crime involves intentionally taking on identity of another person and conducting relationship in the name and profile of the person. It is very common on cyber space; however, it also exists in physical world. For instance, a non-staff thief can use identity credentials of a staff to prowl, and to access or exit company premises. Natural disaster – this is an act of nature (force majeure) which may include flood, drought, storm, hurricane, tornado, and earthquake. Convergence of threat – also known as cyber-physical threat is a peculiar kind of threat that is increasingly bridging the gap between physical and cyber security worlds. When a cyber-attack impacts physical services of an organization, a convergence of threat is playing out. For instance, a ransomware or distributed denial of service can cause panic and frustration for customers of an organization thereby creating mutual insecurity. Product adulteration – this sort of security threat is applicable to manufacturing industry. It is a practice of faking a branded product that enjoy widespread industry acceptance and sometimes dominance. Workplace violence – this applies whenever any act of violence against someone happens in a business premises. It may include robbery, assault, harassment, fight, and other types of uncontrolled aggression. Fraud/embezzlement – fraud is a dishonest act of stealing money or property by deception or trick, while embezzlement involves stealing company’s money by a person of trust and authority. Sexual harassment and/or rape – this refers to intimidating act against someone for sexual pleasure; or forcefully having sexual intercourse with a person. This threat is most common with female gender; however, a male can also become victim of it. Physical security threats are realities of modern world business. The security threats exposed above are not new, however, criminals have continued to innovate new ways of committing them such that solutions which worked a decade ago may not be effective today. Proper prior planning will prevent poor performance in responding to these threats. ALSO READ: Insider Threat Management And Guide

Insider Threat Management And Guide

September 5, 2024 by Azubuike Nwenewo

Insider threat whether intentional or accidental can significantly harm your organization by causing financial loss, business disruption, reputational damage, and sometimes breach of compliance and associated sanctions and possible fine. This article aims to draw attention to this subject and briefly outline how to preventively manage insider threat. Suffice to say, many businesses tend to underestimate the presence, dangers and capabilities of insider threats. These set of people hide under genuine employees, vendors, contractors and partners; pretend to serve interest of the organization where as in reality, they pose serious threat. What is insider threat? Insider threat is any security risk that come from people within the organization. This maybe anyone who by virtue of their roles have access to sensitive information and other corporate resources capable of being used against the business. There are two types of insider threat. One is intentional threat, the other is accidental threat. The former is oftentimes premeditated and by impulse, the latter is by ignorance or accidental. Insider threat management refers to internal strategies and processes which a business can deploy for prevention, detection and response to potential threats posed by persons within the organization. Element of insider threat management should include; Risk assessment: will indicate the organization’s threat exposures and vulnerable areas to prioritize protection controls. Policy and procedure: will guide persons on standard operating procedures and the expected role behaviors. Training and awareness: will keep people informed about organization’s security culture and the present of insider threat. Surveillance and monitoring: will notified that every activities within the organization is being monitored for accountability. Insider threat response plan: will prepare the organization to promptly respond to risk of insider threat. It may be a stand-alone, or part of a composite plan. Continuous improvement: will activate reviews for improvement. 8-Controls Against Insider Threat: Maintain Consistent Background Check: employee background check is a conscious activity to prove or disprove claims made by applicant seeking job opportunity or already working for the organization. It is a verification exercise to know the veracity of information provided about an individual. Through background check a person with criminal history will likely be detected and denied employment so as to protect the organization from loss and embarrassment. Prioritize Risk Assessment: risk assessment is designed to know the potential threats that can cause harm and frustrate goals and objectives of a business. Risk assessment can identify most vulnerable areas to be exploited by insider threats, and proffer control measures. Conscious Of User Behavior: user behavior analytics otherwise known as UBA is popular in cyber security. It is designed to monitor, track and analyze behaviors of individuals in a setting for specific security purpose. While this concept tightly fits in cyber security, it can also loosely apply to physical security especially for specific individual who are suspected to pose significant security risks to organization. Through user behavior analysis; trends, patterns, early warning and redflag would be identified. Ensure Access Control: access control regulates in and outflow of persons and materials within a location. For better efficiency; organizations should practice role-based access control (RBAC) where by individuals are permitted access to areas, systems and resources that relevant to their functions. Enforce Policy And Control: policy as a statement of intent must be back up by behavior control measures to ensure compliance by stakeholders. Where this is lacking, will become a vulnerable context for insider threat to exploit. Deploy Physical Security: through people, procedures and technology. This measure will provide security and safety protection to physical assets. It serves to warn and caution insider threat actors of apprehension in the event of attempted security breach. Maintain Relevant Training Program: people will know better about organization’s security policy, standard and measures when they are consistently trained. Such trainings can be achieved through structured class, toolbox talk, sensitization and periodic electronics updates and games. Practice Reward And Sanction: honest acts should attract rewards; dishonest acts should attract sanctions. This is because reward pays, and sanction punishes. In conclusion, organizations must recognize existence of insider threat and that it is near impossible to identify and eliminate it entirely. However, solutions can be developed and implemented for prevention, detection and response. By implementing a custom designed strategy; organizations can proactively manage this potential threat and cultivate a culture of strong security. ALSO READ: Security Guides for Hiring Domestic Workers