Story image

Modern threats - What you need to know

28 Apr 2014

Looking back over the past few years, we can see an undeniable and unsettling trend.

Each year, the scale and complexity of cyber-attacks increases, while businesses increase spending on security for their networks and corporate data.

Although fortifying protection with additional security does help, the number of successful attacks keeps growing. Businesses continue to be compromised and the costs associated with those breaches only go up.

To better understand this problem we first must understand the tactics used by cybercriminals. First, the unfortunate reality is that a great many cyber-thieves collaborate with one another.

The market for Cybercrime as a Service (CaaS) provides inexpensive, end to end offerings for every type of attack. Services include new malware development, hackers for hire, large scale access to infected PCs, and exploit development. But the offerings don’t stop there.

There is an entire segment dedicated to the liquidation of stolen data, ranging from usernames and passwords to bank and credit card account information. At every step, there are measures in place to ensure success.

Additionally, cybercriminals understand the challenges faced by today’s security companies. They maintain their advantage by staying on the offensive and using the element of surprise as they create new threats.

Cybercriminals have developed distribution techniques for threats which aim to overwhelm the security industry’s capacity. The primary tactic is to rapidly create new malware variants and deliver them in very low volume.

This low volume distribution makes it more difficult for security vendors to encounter and identify the threat, which means the threat will go undetected longer.

As with most criminal activity, the primary focus of cybercrime is financial gain. This can be accomplished in many ways, but the typical methods involve collecting sensitive data and selling it or using it to commit fraud.

These threats are usually difficult to detect on an infected system. On the other end of the spectrum are threats that use extortion and ransom tactics.

These infections, known as ransomware, encrypt data on your system and demand payment for the decryption key. In both cases, data and the money it’s worth are the targets.

Because no security solution can be 100% effective at preventing every attack, businesses need to take measures to ensure their data is secure.

This means using encryption technology as well as secure backup for sensitive data. In addition, as security vendors create more innovative protection, it’s up to businesses to layer their security appropriately and stay on top of threat trends.

While the advancements in threat detection and remediation technology are improving security, businesses and consumers alike need to be aware of malware risks and act accordingly when transacting and doing business online.

Read more about the recent wave of Cryptolocker ransomware attacks and what you can do to protect yourself by clicking here.

Microsoft appoints new commercial and partner business director
Bowden already has almost a decade of Microsoft relationship management experience under her belt, having joined the business in 2010.
Zoom’s new Rooms and Meetings features
Zoom has released information about the upcoming releases for its Rooms and Meeting offerings for 2019.
Aussie company set to democratise direct-to-orbit IoT access
Adelaide-based Myriota has released a developer toolkit that has been trialled and tested by a smart waste management platform.
Apple's AirPods now come with 'Hey Siri' functionality
The new AirPods come with a standard case or a Wireless Charging Case that holds additional charges for more than 24 hours of listening time.
Dynatrace takes pole position in APM Magic Quadrant
It placed highest on Ability to Execute and furthest on Completeness of Vision in the 2019 Quadrant for Application Performance Monitoring (APM).
HCL and Xerox expand strategic partnership
Under the terms of the agreement, HCL will manage portions of Xerox’s shared services, including global administrative and support functions.
Avaya expands integration with Google Cloud AI
This includes embedding Google’s machine learning within conversation services for the contact centre, enabling integration of AI capabilities.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.