Blog & Tools

SDN’s revised report shines light on evolving cyber threats

SDN's Cyber Threat Landscape Report

Cyber outlaws value sensitive electronic information, and they’re always trying to get more. The allure of data in vulnerable computing systems is illustrated by findings in SDN Communications’ Cyber Threat Landscape Report for 2018.

It indicates that nearly half of all attacks thwarted by the firewalls SDN manages were information disclosure attacks. These attacks try to collect details by scanning a targeted network.

Some scans might have been benign searches that posed no serious threat, said Conor Grevlos, a business intelligence analyst at SDN, but others could be precursors to potentially serious attacks.

“Not all disclosures are for malicious intent, but they can be a sign of things to come,” Grevlos said. “You want to err on the side of the worst case: that they’re tailoring an attack specifically for your network.”

Data for SDN’s report covering Jan. 1 through Dec. 31, 2018, is based on information from the company’s Managed Firewall Service and Managed DDoS Protection. DDoS is short for distributed denial of service, a form of attack where hackers target programs and flood them with malicious traffic to slow or disable functions.

The Cyber Threat Landscape Report offers a unique perspective of cyber threats across South Dakota and southern Minnesota and highlights trends that might help organizations assess or update their protection strategy.

Deploying trustworthy, up-to-date firewalls and keeping them maintained and updated has become an indispensable component of any cybersecurity strategy. DDoS protection remains important, too, because attacks can be purchased and launched relatively cheaply and easily.

Nearly 80 percent of all DDoS attacks were multi-vector attacks, meaning they came from multiple pathways or differing means, according to the report. The number of vectors associated with a single cyber-attack directly affects the size and the time it takes to mitigate such an attack.

The most common attack pathway detected in 2018 was a vulnerability in Apache Struts, an open-source server software. Hackers exploited the flaw, leading to data breaches that include a massive leak of credit information at Equifax in 2017.

A new section in the report includes a recap of some of 2018’s largest national data breaches. It includes the attacks on Marriot International’s reservation system and the Exactis marketing firm’s consumer information.

The troubling, recurring reality check that comes from SDN’s reports is that business and organization networks are under steady attack. SDN flagged more than a third of all Managed Firewall traffic as threatening or unwanted throughout 2018, and filtered it out, keeping it from ever reaching its target.

So, how should a small or midsize business respond if it becomes the victim of a data breach? Cybersecurity experts at SDN offer some suggestions:

  • Move quickly to secure your system and fix vulnerabilities that might have caused the breach.
  • Notify local law enforcement agencies and the FBI.
  • Determine the source and scope of the breach.
  • Consult with internal or third-party breach experts and legal counsel.
  • Have a communications plan prepared in advance to inform affected parties, including employees, customers, investors, business partners, and other stakeholders.

Also, keep in mind that South Dakota’s breach-notification law requires businesses to take certain steps when the breach potentially affects more than 250 residents of the state.

SDN has issued free cybersecurity reports for two years. The data has helped SDN’s cyber experts better understand the region’s threat landscape and trends.

Visit the Cyber Threat Landscape Report Archive for full access to all of our reports.

SDN Communications is a regional leader in providing broadband connectivity and cybersecurity services to businesses in communities such as Sioux Falls, Rapid City, Worthington and the surrounding areas.