In the wake of the massive OPM data breach there has been a lot of discussion about steps organizations need to take to properly strengthen their cyber security posture. In order to secure a network, the on-site cyber professionals need to be intimately familiar with the top five cyber security vulnerabilities before they can make valuable recommendations on how to proceed:
Before listing the Top Five security vulnerabilities, let’s try to understand the possible motivation of a potential attacker. Hackers act to steal sensitive data (i.e. corporate secrets, personal information, and intellectual property) or to sabotage. Recent events demonstrate that cyber espionage is still considered the most dangerous threat for Governments; APT groups worldwide constantly search for vulnerabilities to exploit on a large scale in order to gather sensitive data.
We cannot underestimate the action of cyber terrorists and cyber criminals, financial firms, retailers, and companies in the health care industry are constantly under attack. Early this year, a criminal ring dubbed Carbanak cyber gang was discovered by the experts at Kaspersky Lab, the hackers have swiped over $1 Billion from banks worldwide
The financial damage to the world economy due to cybercrime exceed 575 billion dollars, the figures are disconcerting if we consider that are greater than the GDP of many countries.
Another danger posed by group of hackers on a global scale is represented by the possibility of cyber-attacks against critical infrastructure, such as gas pipelines, water facilities, and smart grids.
The majority of processes in modern infrastructure are controlled by SCADA systems that were exposed on the Internet for maintenance purposes without the necessary attention to the cyber security.
It is not a problem of maintenance of SCADA components, instead the lack of security by design for these systems expose the entire infrastructure to the risk of cyber-attacks.