Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Trust Attacks Pose Novel Challenge for Companies

Novel cyber-attacks will ruin reputations and erode customer trust, but can humans keep up in the cyber arms race?

Novel cyber-attacks will ruin reputations and erode customer trust, but can humans keep up in the cyber arms race?

In April of 2013, the Associated Press tweeted that Barack Obama had been injured in a White House explosion. The press quickly realized that the account had been hacked, but in the few minutes that the tweet was up, the S&P plummeted to the tune of $130 billion in stock value. Though the market quickly recovered, the incident showed that saboteurs and cyber-criminals now have the tools to inflict disproportionate harm on public trust and financial institutions.

In a more recent case, fears of cyber meddling in the U.S. presidential election fostered a deep distrust in the democratic process. After the DNC hack and repeated email leaks, that distrust reached an all-time high. Using these attacks as a blueprint, sophisticated hackers are now engaged in long-term missions to undermine entire businesses and institutions, all under the cloak of the web’s anonymity.

In the face of advanced threats like these, words can only go so far to assuage the fears of clients and investors. At some point, they demand results, and in cyber security, the only result that matters is whether or not you’ve stayed safe from data breaches. Unless organizations start taking proactive security measures, they risk losing one of their most important commodities – public trust.

Fostering distrust

These new ‘trust attacks’ pose a novel challenge for companies, especially those that rely heavily on public confidence. Imagine if a bank is silently infiltrated, but instead of stealing customer data, the attackers tamper with a few account balances. If even a small amount of information is changed, the resulting loss of credibility could prove fatal. Indeed, the mere rumor of compromised data is enough for customers and investors to jump ship.

Trust attacks spell trouble for financial markets as well. By falsifying market information to force ill-advised investments, cyber criminals have the power to disrupt business plans or wreak havoc on the stock market. We have already seen glimpses of this potential in during Verizon’s purchase of Yahoo, where several cyber-attacks were disclosed during a critical period of the acquisition.

Sophisticated attacks will hide amid the noise of the network and disguise themselves as legitimate traffic, manipulating data from the shadows while everything continues as normal. Imagine a Wall Street company slowly losing money and clients, all because intelligent malware was quietly tweaking their economic models.

Advertisement. Scroll to continue reading.

Staying above the slander

The biggest problem with stopping threats like these is an underlying lack of visibility. In our experience, too many organizations remain in the dark about large swaths of their networks. Whether it is IoT assets or non-conventional IT, the activity on these devices is effectively invisible to security teams. ‘Smart’ coffee machines, video surveillance cameras, and building HVACs are among the most vulnerable devices in modern networks and will continue to be used as entry points to launch advanced cyber-attacks, including subtle and stealthy ‘trust attacks’.

To maintain trust amid this hostile environment, organizations have to adopt a proactive approach to cyber security. The only way to avoid the embarrassment of a public data breach is to make sure it does not happen in the first place. In light of this, more and more organizations are recognizing the potential of AI and machine learning technologies. The promise of AI lies in its ability to create ‘self-defending’ networks that can automatically fight back against early-stage cyber-threats. Technologies like this protect not only company data, but also trustworthiness in the eyes of customers and investors.

Data integrity lies at the very heart of our businesses and public institutions. If we don’t act to protect it now, the consequences could be grave. Every company and organizations is vulnerable to cyber-attacks, and investing in security innovations and gaining total network visibility are more important than ever. The enterprises that will survive the next generation of cyber-threats know this – and they’re arming up.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.