While the live event is over, Brian answered all of your questions and then some!
In a wide-ranging conversation with Avanan's threat hunter Michael Landewe and VP of Sales Don Byrne, security expert Brian Krebs covered a ton of ground and shared insights on a number of topics related to all things security.
In the webinar with Avanan, Krebs talked about everything from zero-days to trolling Russian forums for information.
Here's a summary of what was discussed:
The Email Threat
When Krebs wrote his book, Spam Nation, in 2015, he didn't think we'd still be dealing with the email problem in 2020. But if anything, it's gotten worse.
Some of that is due to ingenuity by hackers. "There are a lot more bad guys out there," Krebs says. "Malicious emails have gotten more targeted. A lot more research is being done. And the lures have gotten way better. They even hire people to check their grammar."
Another reason is due to availability. Criminals are focused on conducting attacks on the cheap, and using resources that are sustainable. "They want do to the minimum amount to restructure," says Krebs. "That's why attacks are utilizing Google, Microsoft and Amazon. Those are the cheapest, fastest resources."
The Ransomware Problem
As health care organizations have seen a spike in ransomware attacks over the last few months, Krebs reminded the audience that this is not a new phenomenon.
"Health care is so behind the eight ball in security," he says. "Any money they have to spend on security is spent on compliance. They focus on protecting their data. But there are other things you need to be focused on."
Even more troublesome is the ransomware attacks that are not reported. "It's normal for there to be one or two ransomware attacks on health care providers a day," he says.
Beyond the health care industry, ransomware has exploded in general. Part of it is because companies aren't looking for it, and so aren't prepared when it comes. "Companies do have an opportunity to nip it in the bud, but you have to be expecting it," Krebs says. "These ransomware incidents usually start with one infected system. A lot of the time it's email. Then it's weeks until they move laterally. Organizations have to be looking for those intrusions and responding quickly."
That means, as Krebs notes, that dedicating more resources to ransomware response is critical.
We've also seen trends of companies just paying up, and that's because it can be the easiest solution. "A lot of the companies will just pay," he says. "It's the fastest way."
Elections: The Worst is Yet to Come
As the election continues to be undecided, Krebs is expecting a wave of hacking to come. The key is what's being hacked.
"Election interference isn't geared towards hacking the vote," he says. "They're trying to hack the voters, sow doubt about the democratic process. And as this drags on, we've haven't seen what's coming yet."
Don't Be Lazy with Passwords
Passwords are a problem across the board—and for criminals too. Just like regular employees reuse passwords, so will criminals. "They're lazy," Krebs says. "They're not creating new passwords."
That can help when investigating criminals. But when considering defending your organization, password insecurity can be a major source of breach. "There are a number of companies that have problems because one employee has a VPN protected by the lamest password in the world," says Krebs.
That's why, according to Krebs, "uniqueness is the most important part of passwords. It's incredibly common for people to get lazy on that front."
MFA is helpful but it's not, as Krebs cautions, a panacea. Still, it can block off an avenue for hackers to infiltrate.
Conclusion
As expected, Krebs delivered a wonderful webinar, including nuggets about how he learned Russian to read hacker forums located in the country. (He reminded us that you don't have to learn Russian to stay on top of the latest threats—that's what threat management teams are for.)
Above all, though, he cautioned that being prepared is key. Preparing for the eventually of a ransomware attack. Constantly pen testing. Reminding remote employees of security policies. As he said, "as the business world goes, the criminals go."
No matter what you do, criminals will be trying to break through. Constant preparation is essential.
Avanan always puts on innovative and informative webinars like this one.
Our next one is set for Thursday, January 14th. It's all about understanding the best defenses against ransomware and breaches. It's an AMA with Joelle Dvir, an associate at McDonald Hopkins' national Data Privacy and Cybersecurity group. Get your questions in now!
