After an incredibly rough year of cybersecurity, you might feel a little twitchy. It was bad enough that ransomware and phishing attacks shot through the roof, but then Meltdown and Spectre exploded onto the scene—and the security landscape hasn’t been the same since.
What can you expect next? Here’s what Shivaun Albright, HP’s Chief Technologist of Printing Security Solutions, shared in a recent ISSA security webinar about what cyber attacks in 2017 can teach you about advanced threats coming in the future.
Buckle up—Spectre and Meltdown are just the start
Fending off malware and ramping up endpoint security may feel like a full-time job, but it’s not enough. You must also stay vigilant for a new threat lurking under the radar: low-level firmware and hardware-based vulnerabilities. Albright says, “If you look at both Spectre and Meltdown, these are two massive CPU vulnerabilities affecting nearly every OS and device in the world. They have the most privileged level of access—access to memory and hardware—and it can actually be invisible to other software running on the system. It’s very difficult to detect vulnerabilities targeting low-level firmware or even hardware.”
Although no known attacks based on Meltdown and Spectre have been spotted in the wild yet, Albright believes it’s just a question of when. Luckily, these massive vulnerabilities were found by an ethical hacker who gave the industry time to develop patches. Even so, you’re not out of the woods yet. As ZDNet reports, eight new Spectre-like flaws have been unleashed. Albright explains, “We can provide mitigations to these issues with OS and browser updates that mitigate the risk of Spectre and Meltdown to some degree. But the experts agree the only true fix is a hardware update.”
If you just spit out your coffee, you’re not alone. There’s not anywhere near enough money in the average IT budget to update an entire company’s desktops, laptops, and mobile devices on a dime. Albright recommends focusing on rolling out patches in a controlled fashion and testing them to make sure they don’t cause conflicts or glitches.
Patching can be tricky and painstaking, but skipping it really isn’t an option. “I can guarantee you there are hackers out there looking at how to expose these vulnerabilities. If you figure out how to breach this particular vulnerability, you’ve got access to pretty much every device on the planet,” she warns. Basically, if Thanos were a hacker, he’d be searching for the keys to Spectre and Meltdown right now.
Watch out for extra risks in small businesses
Businesses of all sizes are freaking out about these terrifying cyberthreats lying in wait, but small businesses have especially good reason to be losing sleep. These companies are at extra risk of being attacked since hackers consider them easy prey. As a result, the top cyber attacks in 2017 hit small businesses especially hard, with devastating consequences. “Sixty percent of small businesses that are attacked go out of business within six months,” explains Albright.
As the Denver Post reports, a small online retailer in the Midwest found itself in a world of hurt after an employee clicked a link in an email message, infecting the company’s accounting software and customer files with Cryptowall malware. Although the retailer coughed up a $50,000 ransom, the decryption key the hackers provided didn’t work. The business shuttered six months later—brought to its knees by a single ransomware attack.
There is a silver lining to this cautionary tale, as Albright tells it. “A lot of the time, these attacks on small businesses could easily be prevented. If we patched regularly, we could help prevent some of them,” she says. For example, a patch for the EternalBlue vulnerability behind WannaCry had been available for months before the devastating attack hit. Small businesses can go a long way toward protecting themselves simply by staying on top of current patches.
Build a cyber-resilient infrastructure today
Of course, patching alone isn’t going to solve everything. Albright has some clear-eyed advice about how you can meet the increasingly sophisticated threats of 2018 and beyond. “We’ve got to develop cyber-resilience capability so that a device, when it is attacked, can recover at scale and potentially be up and running. Or at the very least, we need to be able to isolate and quarantine devices that are at risk so they don’t propagate malware across an entire organization,” she says.
Fortunately, businesses can tap into some of that cyber-resilience right now by upping print security in their organization. Next-generation printers and copiers come with embedded security features, automatically detecting attacks in progress and self-healing from them. If, for some reason, they can’t successfully beat back an attack, they’re quarantined off from other devices and IT is automatically notified so the team can take a closer look. This cybersecurity innovation greatly enhances endpoint security, giving IT one less endpoint device to worry about among the many new, complex devices that need securing in today’s business environment.
The year ahead might be a downright scary year from a cybersecurity perspective. From the threats you already know about, like Spectre and Meltdown, to the ones that haven’t even hit your radar yet, it’s going to be a monumental challenge to keep your business safe. It’s time to batten down the hatches, carefully patch every device on your network, and take advantage of cyber-resilient technology to ward off the attacks that are no doubt on the way.