If you thought 2015 was a bad year for cyber security (think Ashley Madison and Talk Talk), the outlook for 2016 looks considerably worse. According to the global risk security company Control Risk, next year will see a 37% increase in the severity of cyber-attacks on industrial control systems.
How will cyber-attacks develop in 2016?
What should concern us most about the predictions for 2016 is not just the increase in the number of cyber-attacks but the increase in their severity. The report states that rather than just wanting to steal data, cyber criminals are increasingly focused on manipulating data and affecting the integrity of systems. They either want to infect sites with malware, corrupt the data stored on them or take them down completely.
One of the reasons why this is more likely and why we need to rethink our understanding of cyber criminals is that, whilst the number of financially motivated hackers continues to grow, the biggest increase, in 2015, was in politically motivated, state-sponsored cyber-attacks – up by 56% on 2014. The forecast is that there will be 45 nation states carrying out covert ‘operations’ in 2016.
The targets here are government and infrastructure: oil, gas and utility companies as well as the telecommunications and finance sectors. 36% of attacks during 2015 were on government systems. In the USA, the US State Department system was infected with malware by Russian hackers and the Official Website of Indiana was taken down. In the UK, July saw Edinburgh Council lose 13,000 email addresses to hackers.
Aside from political hacking, financially motivated hacking will still continue to rise, with ransomware being increasingly used in 2016. Hackers use ransomware to take control of their victims’ systems and prevent them getting access to their data until they have paid a ransom. The data is often encrypted and, on payment, an encryption key is given to the victim to get their system back. The risk for businesses is twofold here – either they can be held to ransom themselves or they can be exploited to help hackers attack their customers.
10 steps to safeguard your system for 2016
To protect against the increased threat of hacking we recommend you take the following steps:
1. Ensure you have the latest version of your software installed
All software which you run on your systems should be kept up-to-date. Updates don’t just give improvements in functionality; they often come with security updates that protect against vulnerabilities. Using outdated software leaves your systems open to attack.
2. Follow developers’ guidelines and sign up for updates
It is important that you follow the software developers’ best practice guidelines for keeping their application secure. It is also worthwhile registering for updates so that if a security vulnerability is found, you can follow any recommendations until an update is released.
3. Switch to https with site-wide SSL
Enabling site-wide SSL (Secure Sockets Layer) establishes an encrypted link between a server and a client, preventing ‘man in the middle’ attacks from stealing personal data, credit card information and passwords during transmission.
4. Ensure that intrusion prevention systems are enabled
Intrusion prevention systems (which are included in cPanel and Plesk) can be configured to protect some of your applications – for example, fail2ban (Plesk) has predefined rulesets which can be enabled for WordPress.
5. Use your .htaccess file to defend your website
Apache users can use their .htaccess files to protect against attack. They can be used to prevent unauthorised access to the database and admin area, directory browsing and the accessing of files.
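As an added illustration of steps 3 and 5 (not eUKhost's own configuration), a document-root .htaccess for a WordPress site might look like the following. The IP address is a placeholder, and the directives assume Apache 2.4 with mod_rewrite loaded and overrides allowed for the site.

```apache
# Added example: document-root .htaccess for a WordPress site (Apache 2.4 syntax).
# Assumes AllowOverride permits these directives and mod_rewrite is loaded.
# 203.0.113.10 is a placeholder; replace it with your own admin IP address.

# Step 3: send every plain-HTTP request to the HTTPS version of the same URL.
# If TLS terminates at a proxy or load balancer, %{HTTPS} stays "off" and this
# rule would loop; test the proxy's forwarded-protocol header instead.
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

# Directory browsing: no auto-generated listings for folders without an index file.
Options -Indexes

# Database: wp-config.php holds the database credentials, so never serve it.
<Files "wp-config.php">
    Require all denied
</Files>

# Files: block dotfiles (.htaccess, .htpasswd, .env) and stray dumps, backups and logs.
<FilesMatch "(^\.|\.(sql|bak|log|ini|old)$)">
    Require all denied
</FilesMatch>

# Admin area: only the named address may reach the login page.
# To cover the whole dashboard, place the same Require line in a
# separate .htaccess inside the wp-admin directory.
<Files "wp-login.php">
    Require ip 203.0.113.10
</Files>
```

After uploading, request a folder without an index file, wp-config.php and wp-login.php from an address that is not on the allow list; each should return 403 Forbidden.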
6. Use a vulnerability scanner
Vulnerability scanners, such as our own MTv scan, undertake deep scans looking for vulnerabilities, malware and intrusions on your website, making sure your site is continually protected.
7. Make sure you regularly back up your data
You should always back up your website and database files so that if you are hacked, you can restore your website easily, quickly and inexpensively.
8. Enable an application firewall
A well-configured application firewall is a highly effective method of blocking cross-site scripting and SQL injection attacks. It uses a predefined ruleset to sanitise or block HTTP requests that do not conform to the rules. Our Linux servers have the mod_security application firewall installed on both Plesk and cPanel, giving clients a number of custom rulesets which can be enabled.
9. Make sure you use a high-performance network firewall
Ensuring you have an exceptional firewall in place is a key requirement for securing your site from sophisticated cyber-attacks. For example, one of the products we use at eUKhost is a Next Generation Network Security (NGNS) platform from Fortigate. The Fortigate firewall enables:
- Identification and control of network applications
- Advanced threat protection
- Web and content policy that filters unwanted traffic
- Integrated Wireless LAN Controller
- Intrusion Protection System (IPS) (actively monitors and prevents signature and behaviour threats)
- Data Loss Prevention (DLP) (uses sophisticated pattern matching to monitor for behaviour that could lead to data loss)
- Real-Time Anti-Malware protection
Using its own operating system and purpose-built processors, the Fortigate firewall protects your network with the most advanced threat intelligence available. It enables end-to-end security across the full attack cycle and has been independently validated to provide 99%+ security effectiveness. And for ease of use, it enables all monitoring and management to be undertaken from a single pane of glass interface.
2016 is going to be a year when all website managers need to be proactive about securing their websites. Increasing numbers and varieties of cyber criminals, ever more sophisticated attacks and a change in emphasis from the theft of data to system damage and extortion mean that cyber security is going to be high on everyone’s agenda.
eUKhost provides a wide range of effective security measures to protect our clients, including SSL, website backup, SpamExperts email protection, site monitoring and intrusion protection, Mtvscan vulnerability scanning, 24×7 support staff and Fortigate firewalls.
If you are concerned about your organisation’s website security or want to know how eUKhost can protect your organisation, get in touch on 0800 862 0380.