The web has changed, and legacy technology is leaving organisations vulnerable to new threats. Today, a single click to access a webpage can trigger a storm of activity, perhaps over 100 HTTP requests. These could be API calls, page analytics trackers, third-party plugins or content delivery networks – a playground for lurking cybercriminals who want to do your business harm. This new and evolving challenge means you need dynamic, smart security that’s capable of cutting through the noise, identifying the risks and enforcing the right controls.
Cybercriminals thrive in web environments that lack appropriate security, and it has never been easier for malicious individuals and groups to launch attacks, often on easy and unsuspecting targets. One such example is a parasitic Monero mining malware campaign named xbooster, discovered by our Threat Research Labs, which was successful in generating close to US$100,000 using multiple Monero accounts. The full scope of the xbooster malware attack is hard to detect, making quick and complete remediation a challenge as the attack kill chain uses both the cloud and web.
The failure of legacy security
Legacy solutions fail to provide organisations with security capable of addressing these problems. Frequently, the architectures provided are retrofitted or unscalable and are often delivered from more than one cloud. Platforms need to be cloud-native and built for the way that businesses use the modern, dynamic web.
Most products on the market, rooted in the outdated notion of the network perimeter, fall far short of the mark. Today, products built from this perspective present an easy opportunity to the modern hacker. At best, they offer ‘part-time security’, neither fully protecting businesses nor giving users the flexibility and freedom they demand.
Legacy solutions tend to be rooted in physical appliances or fixed compute, with users often suffering from insufficient storage capabilities. These legacy solutions are also blind to SaaS services and IaaS applications, while overwhelming security teams with high volumes of log data with every HTTP transaction, turning web security into an onerous task. In today’s distributed environment where web and cloud traffic moves thick and fast, hackers often find hiding places and wait for the right moment to pounce. It is no wonder that enterprises and their security teams struggle for visibility and control of their web and cloud activity.
The threats are not only numerous but evolving and adapting all the time, with cyber attacks targeting businesses doubling from 82,000 in 2016 to almost 160,000 last year, according to The Online Trust Alliance. Hybrid and multichannel attacks are delivered across both cloud and the web, making it extremely difficult to assess the true scope of an attack and how best to tackle it without smart security. This is a prime reason that a one-cloud approach is extremely beneficial, applying a layer of smart protection while enabling employees to traverse the web, SaaS and IaaS services seamlessly.
Yet, despite the growing danger, some businesses are unable to shake off the shackles of their legacy security solution, perhaps fearing a complex onboarding process with a new solution.
Bringing order to data chaos
Reducing uncertainty and restoring control is more important than ever. Not only are hackers looking to penetrate your network, but now that GDPR is in effect, data protection practices are coming under greater scrutiny. Any careless chinks in the armour could trigger alarm bells for the regulator and prove costly, both from a financial and reputational perspective.
Data governance will hold the key to compliance and security going forward as organisations look to build safe user experiences. Netskope has categorised 99.9 per cent of active web coverage, an ongoing process maintained with machine-learning to identify and classify uncategorised URLs, as well as intelligence from our dedicated Threat Research Labs. With Netskope for Web, we can identify malicious sites, torrent repositories and evasive services such as anonymisers and proxy services, as well as newly registered, newly observed domains, ensuring we have a risk-focused Web classification. Critically, having a DLP with pin-point accuracy for the web and cloud across thousands of file types and data identifiers, coupled with features such as fingerprinting, proximity analysis and metadata extraction, will help with data governance.
There is light at the end of the tunnel, and with a sophisticated approach and cloud-native strategy, an enterprise can confidently shake off the shackles of their legacy solution and regain control of their web and cloud activity regardless of size, with no impact on user experience. Once this level of transparency is achieved, a workforce will no longer be walking blindly into traps set by hackers.
Taking the hybrid approach
When facing sophisticated hybrid web and cloud threats, responding to and matching these threats with hybrid security is no longer just a good idea - it’s an absolute must. Netskope for Web is a prime example of this approach: as a service that operates in one cloud, it controls both web and cloud security through the Netskope Security Cloud.
This is the reality for enterprise security today – there is no going back, there is no safety in hiding behind outdated legacy security systems and tools. Businesses are confronted with increasing and evolving threats because hackers are opportunistic, innovative and employing emerging technology to barb and intensify their attacks. Innovation must be combatted with innovation, and complexity can be cut through with simplicity. Therefore a smart, one-cloud approach is the only way to manage the cyber threats businesses face in 2018 and beyond.
André Stewart, VP EMEA, Netskope