All IT Jobs Are Cybersecurity Jobs Now

The rising tide of cyber threats means that IT professionals, once tasked with setting up basic computer systems, must now prioritize cybersecurity above all else. The shift reflects the increasing sophistication of cybercriminals, who have become more organized, creating a need for constant vigilance in businesses of all sizes.

Increasing attacks highlight a much larger, ongoing issue: the internet was never designed with security in mind. As more devices and systems become connected, vulnerabilities have skyrocketed, and the consequences of a breach can be devastating. Despite businesses spending over $81 billion on cybersecurity in recent years, the situation remains dire, with cyberattacks growing in frequency and impact.

 

Cybercriminals are Professionalizing

Cybercrime has evolved into a professionalized industry, with attackers operating much like legitimate corporations. Specialization is key: hackers, financial experts, and malware developers work together, creating a streamlined and effective system for carrying out attacks. Matthew Gardiner, a cybersecurity strategist at Mimecast, notes that this division of labor has made cybercriminals more efficient and dangerous than ever before.

Larger organizations may have the resources to bolster their cybersecurity defenses, but small- to medium-sized businesses often struggle to keep pace. As a result, companies must rethink how they allocate their IT resources, focusing heavily on security.

 

Adapting to the New Cybersecurity Paradigm

To keep up with the rising cyber threat landscape, businesses of all sizes need to make security their top priority. Chris Bronk, associate director at the Center for Information Security Research and Education at the University of Houston, outlines three key steps to building an effective cybersecurity strategy:

  1. Retrain or Replace IT Staff: In today’s environment, every IT professional needs to be well-versed in cybersecurity. IT roles are no longer limited to managing servers or troubleshooting technical issues—cybersecurity must be their primary focus. “The good news is that you don’t need a dedicated person to manage your email server anymore. Instead, they can focus on security,” says Dr. Bronk.
  2. Leverage Cloud Services: Cloud-based services offer built-in security and scalability, and businesses should utilize them whenever possible. Even government agencies, like the CIA, use Amazon’s Web Services for secure data management. By leveraging the cloud, companies can reduce the risk of on-premises attacks and improve their overall security posture.
  3. Invest in Secure IT Infrastructure: Cybersecurity is now a fundamental aspect of every IT investment. Data shows that jobs in cybersecurity are among the fastest-growing fields, reflecting the need for companies to catch up after years of underinvestment in security. Every new piece of technology should be evaluated for its security features, ensuring that protection is integrated from the start.

Cybersecurity as a Priority

Security is no longer a secondary consideration—it is an integral part of doing business. Experts have compared today’s network security to the early days of graphical user interfaces. Just as usability improved over time, security can be prioritized and improved with careful planning and investment.

While the cloud has improved security, it’s not without its flaws. Recent cyber incidents, such as targeted email attacks or large-scale denial-of-service attacks, show that no system is foolproof.

The Future of Cybersecurity

As businesses continue to modernize, integrating technology into every aspect of their operations, cybersecurity will remain a top concern. For small businesses, even basic security measures like regularly updated backups and up-to-date software can be lifesavers, as illustrated by WKSK’s experience.

The takeaway is clear: no matter the size of your organization, IT staff must prioritize security in everything they do. A proactive approach, built on retraining staff, utilizing cloud services, and making security a foundational element of IT investments, will ensure that businesses are better prepared for the evolving cyber threats of tomorrow.

 

 

Wanna Decrypter 2.0 ransomware attack: what you need to know

By Bill Brenner as written on nakedsecurity.sophos.com
Updates as of 05/15/2017:
  • Multiple news reports have focused on how this attack was launched using NSA code leaked by a group of hackers known as the Shadow Brokers. That’s certainly what seems to have happened based on SophosLabs’ own investigation. A more detailed report on that is planned for early next week.
  • Sophos will continue to update its Knowledge Base Article (KBA) for customers as events unfold. Several updates were added today, and are summarized below in the “More guidance from Sophos” section.
  • Microsoft took the highly unusual step of making a security update for platforms in custom support (such as Windows XP) available to everyone. The software giant said in a statement: “We know some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download here.”
  • With the code behind Friday’s attack in the wild, we should expect copycats to cook up their own campaigns in the coming days to capitalize on the money-making opportunity in front of them, said Dave Kennedy, CEO and founder of information security consultancy TrustedSec.
  • The attack could have been worse, if not for an accidental discovery from a researcher using the Twitter handle @MalwareTechBlog, who found a kill switch of sorts hidden in the code. The researcher posted a detailed account of his findings here. In the post, he wrote: “One thing that is very important to note is our sinkholing only stops this sample and there is nothing stopping them removing the domain check and trying again, so it’s incredibly important that any unpatched systems are patched as quickly as possible.”
***
It was a difficult Friday for many organizations, thanks to the fast-spreading Wanna Decrypter 2.0 ransomware that started its assault against hospitals across the UK before spilling across the globe.
The attack appears to have exploited a Windows vulnerability Microsoft released a patch for in March. That flaw was in the Windows Server Message Block (SMB) service, which Windows computers use to share files and printers across local networks. Microsoft addressed the issue in its MS17-010 bulletin.
SophosLabs said the ransomware – also known as WannaCry, WCry, WanaCrypt and WanaCrypt0r – encrypted victims’ files and changed the extensions to .wnry, .wcry, .wncry and .wncrypt.
Sophos is protecting customers from the threat, which it now detects as Troj/Ransom-EMG, Mal/Wanna-A, Troj/Wanna-C, and Troj/Wanna-D. Sophos Customers using Intercept X will see this ransomware blocked by CryptoGuard. It has also published a Knowledge Base Article (KBA) for customers.
NHS confirms attack
National Health Service hospitals (NHS) in the UK suffered the brunt of the attack early on, with its phone lines and IT systems being held hostage. NHS Digital posted a statement on its website:

NHS

The UK’s National Cyber Security Centre, the Department of Health and NHS England worked Friday to support the affected hospitals, and additional IT systems were taken offline to keep the ransomware from spreading further.
Victims of the attack received the following message:
encryption
Find out today if your current system meets today's minimum security recommendations. Call Managed Solution at (800) 208-3617

 

Contact us Today!

Chat with an expert about your business’s technology needs.