Blog

the evolution of cyber threats

The Evolution of Cyber Threats

By Security & Compliance 0 Comments

the evolution of cyber threats

In 1970 the first computer virus, a worm named “Creeper”, was created by Bob Thomas of BBN. Bob was not a hacker, and the virus was not created with malicious intent. This was an experimental computer program which displayed a playful message, purportedly named after a Scooby-Doo villain. The Creeper worm proved the theory that a functioning “virus” which replicates itself and spreads to other systems on a network, could be created. This is lighthearted precursor to destructive modern viruses, which can encrypt your business/personal files and hold them for ransom, destroy your data, steal social security numbers, wage literal modern warfare, and more.

 Fast forward to today, computer viruses have evolved to cause catastrophic damage – and are the bane of enterprise computing and business worldwide. Entire mafia-like networks of hackers work around the clock to extract money from honest people running businesses. 

Some of the best (worst) examples of monetary damages to business include:

  • Mydoom – $38 billion (2004)
  • Sobig – $30 billion (2003)
  • Klez – $19.8 billion (2001)
  • ILOVEYOU – $15 billion (2000)
  • WannaCry – $4 billion (2017)
  • Zeus – $3 billion (2007)
  • Code Red – $2.4 billion (2001)
  • Slammer – $1.2 billion (2003)

Behind the Curve

Unfortunately, most businesses succumb to these threats because they are behind the curve on cyber-security. For a comparison, take a look at how the automobile has advanced over time. When cars became popular around 1920-1960, the rate of auto-deaths doubled. In 1949, Nash was the first American car manufacturer to offer seat belts as a factory option. They were installed in 40,000 cars, but buyers did not want them – and even requested dealers to remove them. Even by the 1960’s, most Americans did not use them, and over 65% opposed them being enforced by law. 

This is eerily similar to the trend of enterprise businesses being late to the cyber-security party. We see it on the news time and time again – “Company A” had no budget for cyber-security, Ransomware hits, folks are fired, and then suddenly there is a $10 million dollar budget available for security. Maybe it is just human nature to put these scary facts off until they hit home and affect the individuals.

Modern Cyber Security Landscape

 The modern cyber security framework has changed immensely, traditional antivirus is just not enough to keep threats at bay.  This graphic below demonstrates all the areas that need parts and pieces that to work together in order to keep a modern network safe.

Behind all these areas, there are technologies, people, and processes that work together to provide a comprehensive security program. You could always be doing more, but at a minimum – you need to make sure you are doing enough. As the saying goes, the best time to plant a tree was 20 years ago, the second-best time is now. 

the evolution of cyber security

Putting Together the Right Program

If we delve into these areas with a bird’s eye view, we can get a better understanding of what you need to meet the requirements and stay ahead of the threats. There are many options for different technologies, but at a base level, here is what you need:

  1. Identifying Threats:

The first step in the security framework is identifying what hardware and software you have. This can be done with remote monitoring and management tools, and by having a good inventory management process. Once you have your hardware and software documented, then you can move on to the next step.

  1. Protecting Your Assets:

Now that you know what assets you have on your network – your computers, your servers, your firewalls and switches, your phones, any internet connected devices, etc., you can begin protecting them. You will need multiple solutions to properly secure them – including a next-gen Antivirus, firewalls with security features, a DNS filtering solution, a multifactor authentication solution to protect your mobile devices, your servers, and even your workstations, and finally you will need a Security/Phishing Training solution for your users. Remember – even when you have all the proper technologies in place, users are the weakest link. 

  1. Detecting Threats:

Now that your devices are secured, you will need to have solutions in place to monitor for threats. Remember, no solution is perfect, bad actors rely on zero-day threats which are not yet detected. Even with the ideal security posture, threats can make it onto your network. You will need an EDR (Endpoint Detection and Response) solution and a SIEM to monitor and detect activity on your network, which will identify and stop threats as they happen, as well as provide logs so you know when and how these incidents occurred.

  1. Responding to Threats:

The next tool in your security toolbox is for responding to threats. You need a good PSA (Professional Services Automation) tool that will receive tickets as they are generated from your preventative/detection solutions. Ideally, you will also have a third-party SOC (Security Operations Center), which is a team of experts that proactively monitor your organization, 24x7x365. This is important because threats can slip by in the middle of the night – and if you do not have someone watching, it could be catastrophic. 

  1. Recovering from Threats

Too many organizations think of recovery as an afterthought – it is critical that you have a plan in place, both technically and on paper. Your plan should include a backup solution, ideally following the 3-2-1 rule. Your solution should be tested regularly with documented results. And finally, you should have a disaster recovery plan – or I like to call it, a disaster recovery playbook. Anyone from your team should be able to pick it up and know who to call and how to get things moving.

Now that we understand the tools and solutions – we must acknowledge that a good security program will require a fully staffed roster to manage and audit these controls, to oversee them and verify their functionality, to delegate responsibilities, to define processes, and to respond to incidents. People, Process, and Technologies; each of these areas work in tandem with the others. Remember – cyber threats are always evolving, stay on top of your game and prevent yourself from becoming another unfortunate statistic!

If you have questions about cyber security and setting up protocols to protect your business, contact us today.

The evolution of cyber threats
– Jake Allen, Solutions Engineer, IT Resource

Share this post

Related Posts

Cisco Adaptive Security Appliance End of Life

By

Cisco has announced that a variety of Adaptive Security Appliances (ASA) would no longer be available for sale after September... read more
password security

Password Do’s and Don’ts :: Strong Security Starts with Password Security

By

We’ve been thinking a lot about customer security lately. When we came across this blog series about password security, we... read more
working remotely

Working Remotely :: Getting Started & Security Measures

By

As the COVID-19 virus spreads worldwide, businesses are facing significant and unique challenges. Government entities and healthcare officials are urging... read more
California Consumer Privacy Act

The Keys to Addressing Your Governance and Compliance Needs in 2020

By

When the California Consumer Privacy Act went into effect on January 1, 2020, it imposed sweeping new data security standards... read more
ransomware disaster recovery and backup in the cloud

Ransomware Attack Lunch & Learn with Veeam :: Disaster Recovery and Backup in the Cloud

By

Who said there's no such thing as free lunch? Join us as we welcome Veeam for a virtual, or in-person,... read more
Microsoft Secure Score

How to Use Microsoft Secure Score

By

Wouldn't it be nice if you could measure your organization's security operations for your Microsoft 365 tenant and know exactly... read more
password manager

A One Stop Password Manager Solution

By

Wait, I can’t log in, I forgot my password and now I can’t get my work done! We all know how... read more
Security Operations Center-as-a-service in Grand Rapids

IT Resource Announces Security Operations Center-as-a-Service in Partnership with Arctic Wolf

By

Arctic Wolf Security Operations Center-as-a-service Gives IT Resource Customers Industry-Leading Managed Threat Detection and Response Services to Tackle the Increasing... read more
Phishing attack and working from home

How to Recognize a Phishing Attack

By

The ‘work from anywhere world’ makes everyone at risk to cyber-attacks, especially because threats are harder to track over home... read more
Security awareness training and webinar for your human firewall

Security Awareness Training & Webinar

By

Join us as we welcome KnowBe4 Security Awareness who will be presenting a webinar on strengthening your human firewall on... read more