The digital threats business faces are becoming ever more sophisticated. Yes, the biggest gaps remain easy and simple to fix, but even if you’ve disabled links in emails, chosen a password that’s not ‘123456’ and patched Java and Flash, you’re still at risk.
That’s enough to keep the slouching criminals in burglar’s masks out, the ones who just try to guess your password, or email you suspicious-looking links in poorly-worded spam emails. But it won’t keep out the skilful, professional malware ninjas hiding under the eaves of the internet.
What do the threats look like?
Cyber espionage involves gaining network or computer access, usually via infected emails or documents. Having achieved this, the next step is to install RATs – Remote Access Trojans – allowing remote access at will. The ultimate aim? To steal money, data or intellectual property.
Advanced Targeted Attacks
Advanced targeted attacks are typically aimed at individuals with access to sensitive information. Hackers know individuals tend to be softer targets than organizations, so they go after individuals with many of the same tricks marketers use, including finding them on social channels, and then steal the individual’s credentials to take or damage whatever that person has access to.
Financial Malware and Ransomware
Browsers, Java, Flash and Acrobat Reader are the main avenues (though not the only ones) through which infections like this enter systems. The criminals responsible are often half a continent away, in Eastern Europe or Africa. Special exploit kits infect users by means of Zeus or Zbot financial malware downloads, enabling hackers to steal online banking credentials. Databases can be infected with ransomware like CryptoLocker by the same means, encrypting your data and demanding payment to release it.
The standard response to cybersecurity threats is reactive, and it’s not enough. Think of it like medicine: the cyberthreat environment is like the flu, constantly mutating. Just like the flu, what we really need is a vaccine that works now, before anybody gets sick. What we have is drugs tailored to each new threat, once it’s already a problem. It’s the same with cybersecurity. So even though you may have antivirus, web filters, firewalls and built-in OS protections in place, you still need a way to lock the stable door – before the horse bolts.
What’s needed is a multilayered system that’s active rather than reactive, spearheaded by anti-exploitation tools configured to monitor sensitive applications and prevent them from performing the actions that lead to infection. It’s not a good idea to drop all your current security measures and put something brand new in place; instead, integrate passive and reactive security measures into a strategic approach that begins with active monitoring and intervention, resting on traditional firewalls, antivirus and – always crucial – staff best practice.
The time to jump in is when Acrobat downloads a .exe file, not when you’re putting your disaster recovery plan to the test. This is also the only method to guard against unknown threats that haven’t yet been identified: a vaccine for before you get sick.
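The rule described above (step in when Acrobat writes a .exe), as an added example that is not part of the original post: a minimal behaviour check over constructed events whose field names follow Sysmon's FileCreate (11) and ProcessCreate (1) records. The monitored image names, the extension list and the child-process rule are assumptions made for illustration.

```python
from pathlib import PureWindowsPath

# Applications the article names as the main infection avenues.
# The concrete image names are assumptions, not taken from the article.
MONITORED = {"acrord32.exe", "acrobat.exe", "java.exe", "javaw.exe",
             "flashplayerplugin.exe", "iexplore.exe", "chrome.exe", "firefox.exe"}
EXECUTABLE_EXT = {".exe", ".dll", ".scr", ".com"}  # assumed list

# Constructed sample events (not from a real host).
SAMPLE_EVENTS = [
    {"id": 11, "Image": r"C:\Program Files\Adobe\Reader\AcroRd32.exe",
     "TargetFilename": r"C:\Users\amy\AppData\Local\Temp\update.EXE"},
    {"id": 11, "Image": r"C:\Program Files\Adobe\Reader\AcroRd32.exe",
     "TargetFilename": r"C:\Users\amy\Documents\report.pdf"},
    {"id": 1, "ParentImage": r"C:\Program Files\Java\bin\javaw.exe",
     "Image": r"C:\Users\amy\AppData\Roaming\svc.exe"},
    {"id": 1, "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Program Files\Adobe\Reader\AcroRd32.exe"},
    {"id": 11, "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetFilename": r"C:\Program Files\App\app.exe"},
]

def image_name(path):
    """Lower-cased file name of a Windows path (matching is case-insensitive)."""
    return PureWindowsPath(path).name.lower()

def is_executable(path):
    return PureWindowsPath(path).suffix.lower() in EXECUTABLE_EXT

def evaluate(event):
    """Return the reason an event should be blocked, or None to allow it."""
    if event["id"] == 11:  # file created
        actor, target = event["Image"], event["TargetFilename"]
        if image_name(actor) in MONITORED and is_executable(target):
            return f"{image_name(actor)} wrote executable {target}"
    elif event["id"] == 1:  # process created
        parent, child = event["ParentImage"], event["Image"]
        # A monitored app may start its own helpers, but nothing else.
        if image_name(parent) in MONITORED and image_name(child) not in MONITORED:
            return f"{image_name(parent)} launched {child}"
    return None

def blocked(events):
    """Reasons for every event the policy would stop, in order."""
    return [reason for reason in map(evaluate, events) if reason]

if __name__ == "__main__":
    for reason in blocked(SAMPLE_EVENTS):
        print("BLOCK:", reason)
```

The decision depends on which application performs the action, not on a signature of the file, which is why it also covers payloads no one has identified yet.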
Posted on: 09.18.15