Cyber-attacks have increased in quantity and sophistication in 2020, but we may not have heard about them in the news. COVID-19 updates have dominated headlines, and our physical health and safety have taken the spotlight over our technology’s health and safety. While news of vaccines and outbreak hotspots will continue to be the most important “news of the day,” it is important to be aware of security breaches that threaten the safety of our data and privacy.
In a recent article, “When It Comes to Data Breaches, Hindsight is 2020,” published by Gabriel Torok in Forbes, PreEmptive’s CEO writes, “Companies finding their cybersecurity feet were suddenly forced to shift entire workforces and deploy entirely new network structures based on real-time, cloud-based collaboration as Covid-19 concerns escalated. As a result, hackers have changed tactics, leveraging old techniques and new approaches to compromise critical infrastructure.”
Gabriel highlights the Top 3 Attack Vectors:
• Phishing Concerns: As noted by Security Magazine, spear phishing attacks have increased by 667% since the end of February. Hackers leverage the familiarity of phishing to circumvent corporate defenses—a technique that’s especially effective as stressed staff and IT teams attempt to navigate the “new normal.”
• VPN Crashes: With companies implementing virtual private networks (VPNs) to help manage security at scale, attackers are now using DDoS attacks to crash these systems and breach network defenses. As noted by Security Boulevard, the “fill the gap” nature of most VPN deployments leaves them vulnerable to even small DDoS attacks.
• Cloud Compromises: Cloud-based collaboration tools such as Webex, Zoom, and Slack have seen substantial uptake over the past few months as businesses look to provide better work-from-home connectivity and improve overall productivity. Attackers recognize an opportunity when they see one: According to CSO Online, some industries have seen cloud-related attacks increase by 1,350%.
It is important for organizations to address security threats consistently, regardless of current conditions.
Applications are a critical area of vulnerability in many organizations. Companies implement cloud-based software for use with in-house or mobile solutions. These applications are designed to deliver critical functionality but often must operate in untrusted environments. Apps form the front line of any risk reduction effort.
Suppose companies can find and frustrate potential attackers with tools like runtime application self-protection (RASP), code obfuscation, and application shielding. In that case, it is possible to better prepare for the next wave of security threats.
What is Runtime Application Self-Protection (RASP): Runtime application self-protection (RASP) is a security technology that uses runtime instrumentation to detect and block computer attacks by taking advantage of information from inside the running software. Read more on RASP here.
What is Code Obfuscation: Code obfuscation is the process of modifying an executable so that it is no longer useful to a hacker but remains fully functional. While the process may modify an application’s instructions or metadata, it does not alter its behavior. See examples of code obfuscation.
What is Application Shielding? Application shielding refers to a set of technologies that modify an application’s source, byte, or binary code to make the application more resistant to intrusion, tampering, and reverse engineering. Find reviews of top application shielding companies.
PreEmptive has been providing application protection solutions for over 20 years. It has RASP, obfuscation, and shielding techniques and built them into ready-to-use solutions. Over 5,000 organizations in 100+ countries have relied on PreEmptive Protection products to protect their applications.