3. Supply Chain Exploitation
Underlying the epidemic of cybercrime are supply-chain risks: hackers are getting better and better at piggybacking from suppliers and customers (or vice versa), whether through technical exploits or social engineering. This includes hacks of IT providers such as Google, service providers like attorneys (such as in the Panama Papers megabreach), as well as third-, fourth-, and even fifth-party supplier risks (see "Supply Chain Risks," Chapter 8, Data Breaches).
During 2019, we saw an epidemic of wire transfer fraud due to business email compromise. For example, vendor emails got hacked and were used to redirect payments from customers using phony invoices and social engineering tactics. These scams will only continue, as criminals build increasingly sophisticated social engineering operations, making supply chain exploitation one of the top cybersecurity threats for 2020.
On the technical side, criminals take advantage of supplier cybersecurity flaws and leverage these to worm their way into customer environments. For example, managed service providers (MSPs) have been increasingly and purposefully targeted, because they manage the networks for dozens, if not hundreds, of customers. In August 2019, 22 towns in Texas were hit with ransomware simultaneously when criminals hacked into their MSP and used the MSP's remote access tool to quickly spread malware to all of its customer networks.
Staying Safe in 2020
Given today's top cybersecurity threats—cloud hacking, ransomware with exposure, and supply-chain threats—here's what defenders should prioritize in 2020:
- Cloud Configuration Reviews: Often, damaging data breaches stem from a simple cloud misconfiguration, which can easily be prevented with routine technical assessments. In the coming year, organizations should prioritize technical configuration reviews of cloud platforms, such as Office 365, AWS, Azure, and others.
- Strong Authentication: Account cybersecurity measures are a "must" in 2020: organizations need to finish rolling out strong two-factor authentication in order to protect against widespread password theft. Strong two-factor authentication options include smartphone apps such as Google Authenticator, or hardware tokens like the YubiKey that support "one-touch," password-less logins.
- Supply Chain Risk Assessments: Make sure your suppliers are integrated into your risk assessment process. The U.S. federal government recently added a Supply Chain Risk Management section to the NIST Cybersecurity Framework, establishing an important standard where supplier security is evaluated as part of the organization's routine processes.
For detailed guidance on preventing and responding to cloud data breaches, ransomware threats, and supply chain risks, pick up a copy of the Data Breaches book today. Here's to a safe and breach-free 2020!