With midterm elections less than three months away, Pedro Abreu, the chief strategy officer at ForeScout, is warning government officials and companies that spending too much attention on foreign actors or flawed voting machines could distract from more common threats, such as phishing.
“When you do the analysis, a majority of the attacks come down to a lack of cybersecurity hygiene and a lack of understanding of the attack surface,” Abreu told Fifth Domain in an interview. “A majority of the attacks today are not advanced threats but simple phishing attacks.”
During this month’s DEF CON conference in Las Vegas, scores of hackers demonstrated how to attack individual voting machines. But Jeanette Manfra, an assistant secretary for cybersecurity at the Department of Homeland Security, said while hackers may be able to attack individual voting machines, it is difficult to alter the voting tally at scale.
Instead, Abreu argued that agencies and businesses face a “threat fatigue,” in which security leaders are overwhelmed by new problems.
“When I think of threat fatigue, I think of how the security industry talks about all the big problems and offer a set of silver bullets,” Abreu said. “When you hear commentary about what we should do there is way too much talk about the silver bullet and not enough on awareness and security approaches … I cannot deal with the biggest threat unless I deal with the basic visibility of everything in my network.”
IT and security organizations receive an average of 17,000 malware alerts per week, according to a study by Ponemon, a research firm. Only 19 percent of those alerts are considered reliable, and only 4 percent are investigated, according to the research. On average, the cost of responding to these inaccurate reports can be $1.27 million annually, according to the study.
Ninety three percent of cyber incidents are preventable by following best practices, such as application white-listing, access controls and two-factor authentication, according to the National Security Agency. Leaders there added that 90 percent of cyber incidents are caused by human error.
The NSA says it is using data science and machine learning to reduce alert fatigue for its operators. The agency also says that operations which last longer than five hours have an 11 percent higher chance in fatigue compared to operations which last five hours or less.