In today's digitally driven age, an abundance of new technology has brought forth exciting new opportunities and benefits, but drawbacks and major new risks as well.
The most notable is the rise of cybercriminal activity, with hackers growing in speed, volume, and, most dangerously, sophistication. Most cyber attackers, however, still go through employees, with 80 percent of the breaches involving web browsers on mobile/desktop and 85 percent of the breaches involving a human element. This has led cybersecurity to become a top priority for organizations as they look to bolster their cyber defenses.
Earlier this year, for example, Microsoft reported a massive phishing campaign that used adversary-in-the-middle (AiTM) phishing sites that stole passwords, hijacked a user's sign-in session, and skipped the authentication process even if the user had enabled multi-factor authentication (MFA). This campaign has attempted to target more than 10,000 organizations since September 2021.
"In this attack, hackers deploy a proxy server between a target user and the website the user wishes to visit," said Osman Erkan, Founder and CEO of DefensX. "In other words, this setup allowed the attacker to steal and intercept the target's password and the session cookie that proves their ongoing and authenticated session with the website, allowing them to bypass MFA. This is a very serious issue and one of the challenges we built our technology to address."
DefensX's software solutions eradicate risk from web-borne threats, making sure users are safe working anywhere, on any network, and on any device, including desktops, laptops, smartphones, and all major operating systems, including iOS and Android.
"This is a great example of how complex and clever cyber attack campaigns have become," said Scott Chasin, Chief Technology Officer of Pax8. "There is no single solution that addresses the growing mountain of dynamic and serious threats. We've designed the cybersecurity section of our marketplace to bring best-in-class solutions that can be used together, depending on the end customer's business and regulatory requirements, and can be far more easily integrated with their PSA platforms, and connected, app to app."
Pax8 is one of many companies illuminating the latest trends in digital security as part of Cybersecurity Awareness Month, which has occurred every October since 2004. The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Cybersecurity Alliance (NCA), this year is focusing on what it means to "See Yourself in Cyber" by highlighting the actions that all Americans can take to raise the baseline for cybersecurity across the country.
"Along with new practices by attackers, MFA also still allows for simple mistakes on the user's end to be the breach point for hackers," Erkan said, emphasizing the importance for all cybersecurity professionals to stay informed about new attack vectors.
"Some workers are overcome with what's known as MFA fatigue, or an overload of notifications or prompts via MFA applications, in multiple accounts," he explained. "Power users can receive dozens of these messages each day, requiring them to use multi-factor to perform logins or approve different actions. What our research has found is that this leads employees to start setting security best practices aside and become careless, putting their organization and their accounts in danger of compromise. DefensX bundles Remote Browser Isolation, Zero Trust File Protection, and Zero Trust Credential Exposure functionalities for secure remote work, and we make it extremely easy to use without slowing down productivity. A simple DefensX plug-in can be downloaded in seconds, and the protection is immediately provided."
DefensX sells through MSPs and MSSPs, and through cloud marketplaces such as Pax8. With the pure-cloud DefensX solution, service providers can easily bundle their own security services and boost their revenue base.
With such a variety of attacks – from phishing, malware/ransomware, zero-day attacks, and web-borne threats – it is critical for MSPs to begin adopting and leveraging all the tools at their disposal to combat threats. One of the most notable tools MSPs are starting to use in the fight against hackers is Secure Access Service Edge (SASE) solutions.
SASE, along with its combined package of technologies such as SD-WAN, Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), and Firewall as a Service (FWaaS), help greatly improve an enterprises cybersecurity. Between the variety of technologies, SASE can identify sensitive data and malware, decrypt content at line speed, continuously monitor sessions, and assess risk and trust levels.
"Small, medium, and large enterprise tools are now available and billed as an affordable, monthly subscription," Erkan said. "With DefensX's Multi-Tenant Cloud, service providers can serve many of their end-customers in a very cost-efficient and profitable way. Service providers can easily bundle their existing services with DefensX's eSWG, eCASB, RBI, local-isolation, credential exposure protection, and SaaS access protection features while offering their clients an additional line item."
The benefits provided to MSPs who leverage SASE solutions are bountiful, Erkan said, improving multiple parts of their cybersecurity offering to customers. For example, SASE solutions add zero-trust security to an MSP's cybersecurity portfolio.
Zero-trust enforces access policies based on specific context – including the user's role and location, their device, and what data they are requesting – to block inappropriate access and lateral movement throughout a data environment. On top of this, with zero-trust endpoint security, data and networks can even be safely managed with employees spread out working remotely. Endpoint security products secure and collect data on the activity that occurs on endpoints, while network security products do the same for networks.
"SASE solutions are enriched when MSPs add Domain Name System (DNS) protection to their portfolio," Erkan explained. "DNS security protects DNS infrastructure from cyberattacks to keep it performing quickly and reliably, incorporating overlapping defenses, including establishing redundant DNS servers, applying security protocols like DNSSEC, and requiring rigorous DNS logging. Like many Internet protocols, the DNS system was not designed with security in mind and contains several design limitations."
These limitations, combined with technological advances, make DNS servers vulnerable to a broad spectrum of attacks, including spoofing, amplification, DoS (Denial of Service), or the interception of private personal information. Since DNS is an integral part of most Internet requests, it can be a prime target for attacks, making DNS protection critical in today's world.
The number of cyberattack data breaches publicly reported so far this year has already exceeded the total for 2021, putting 2021 on track for a record year, according to the Identity Theft Resource Center (ITRC). Unsurprisingly, ransomware remained very common, as 1,097 organizations were hit by ransomware attacks in the first half of 2021, as compared to 1,112 in all of 2020, with studies finding that one ransomware attack happens every 11 seconds in 2022.Arti Loftus is an experienced Information Technology specialist with a demonstrated history of working in the research, writing, and editing industry with many published articles under her belt.
Edited by Erik Linask