A hacker with that data could move past your firewalls and access: Show
Once past your firewalls, hackers could also place malware into your network. Spyware could follow your employees throughout the day, recording each keystroke. A ticking time bomb of data destruction could await the next online decision. Hacks like this are incredibly expensive. Experts say hack damage costs companies $400 billion per year. What Are Attack Vectors?Attack vectors are the landmarks on an attack surface. Each one represents vulnerabilities, such as access points, protocols, and services. You may think you have only one or two crucial vectors. But chances are, you have dozens or even hundreds within your network. For example, experts outlined current attack vectors of large companies and found problems with:
Attack vectors are unique to your company and your circumstances. No two organizations will have the same attack surface. But problems commonly stem from these sources:
Identify where your most important data is in your system, and create an effective backup strategy. Added security measures will better protect your system from being accessed. Even your home office isn't safe from an attack surface threat. The average household has 11 devices connected to the internet, reporters say. Each one represents a vulnerability that could lead to a subsequent breach and data loss. If a majority of your workforce stays home throughout the workday, tapping away on a home network, your risk explodes. An employee may be using a corporate device for personal projects, and company data may be downloaded to a personal device. Each office in which a person works and each device that accesses the network should be assessed. Attack Surface Analysis: Step by StepTo reduce your attack surface and hacking risk, you must understand your network's security environment. That involves a careful, considered research project. An attack surface analysis will help you identify immediate risks and potential future risks. Your attack surface analysis won't fix every problem you find. Instead, it gives you an accurate to-do list to guide your work as you attempt to make your company safer and more secure. Follow this roadmap as you complete your attack surface analysis:
In large companies, this process is measured in months, not hours. Be as thorough as you can. The more you uncover, the safer your company will be. Attack Surface Reduction StrategiesMapping guides your cleanup project. Move methodically from the most vulnerable point to the least. Typical attack surface reduction techniques involve:
This is a short list that helps you understand where to begin. You may have many more items on your to-do list based on your attack surface analysis. Reduce Attack Surface in 5 StepsWith immediate cleanup completed, look for ways to tighten your protocols so you'll have less cleanup work after future attack surface analysis projects. Follow these five steps to get started:
Never underestimate the importance of reporting. Even when you've taken all of these steps, you must monitor your network regularly to ensure that nothing has broken or grown obsolete. Build time into each workday to assess the current threats. To learn if you’re protecting your company, view our checklist: 12 Key Steps for Protection Against Data Breaches. ReferencesUnwitting Workers Give Hackers Keys to Fortune 500 Firms' Networks: Study. (October 2014). NBC. Companies Lose $400 Billion to Hackers Each Year. (September 2015). Inc. Attack Surface Area Larger Than Most Businesses Believe. (June 2020). Dark Reading. Pandemic Giving Ransomware 'Greater Attack Surface' as Tactics Shift, Ex-FBI Agent Says. (August 2020). State Scoop. Attack Surface Analysis Cheat Sheet. CheatSheets Series. Ransomware Attacks Grow, Crippling Cities and Businesses. (February 2020). The New York Times. Cyberattacks Now Cost Companies $200,000 on Average, Putting Many Out of Business. (March 2020). CNBC. The Proposed Solution. (2015). How to Defeat Advanced Malware. U.S. Households Have an Average of 11 Connected Devices, and 5G Should Push That Even Higher. (December 2019). Variety. Beware This Sinister New ‘Dark Side’ $1 Million Cyber Threat, You Must. (August 2020). Forbes. 5 Ways to Reduce Your Attack Surface. (August 2018). Security. |