Story image

Protecting your customers from the business of malware

29 Jun 12

The growing trend of cybercrime has changed the reality of security for business in New Zealand and around the world. Whether cybercrime is driven by hacktivists or cyber gangs targeting brokerage firms, one thing is for certain: understanding them is critical to taking them down.

Cybercrime is an increasing worry for organisations. To work effectively with customers, it’s important for the channel to understand what is involved in cybercrime, how cybercriminals work, how it affects organisations and to provide the best security advice to help customers protect themselves.

Understanding cybercrime

In today’s cyber underworld, the motivation for attackers largely revolves around getting credit card numbers, email credentials, logins for banking sites and other information that can be turned into quick cash. In this marketplace of illicitly-obtained information, a mix of independents and organised groups driven by money, and in some cases politics, has emerged.

It’s good to keep in mind that criminally-motivated hacking crews come in all shapes and sizes. Some even feature operations you might expect to see in a legitimate enterprise, like a quality assurance team and project managers.

In most cases, these different teams work independently, with central figures overseeing the operation as a whole to keep it on track. But not everyone involved in the cyber underground is part of a group. Some stick to themselves and rent out portions of botnets they’ve assembled. Others make money by uncovering new software vulnerabilities and making offensive tools for other hackers.

In some cases, attackers will compromise legitimate websites and try to redirect users to malicious sites serving up the exploit kit. The effect of these attack kits on businesses has been tremendous.

In general, the goal of attackers remains valuable data. With banks and other organisations using multi-form authentication to verify online transactions, credit card data shares space on the shelves of virtual hacking stores with items such as Facebook logins and email credentials. Not surprisingly, the more information attackers have about a target, the more tailored their attack is — and the increased likelihood of its success.

The channel’s role in fighting cybercrime

Understanding the structure of these groups offers security experts an opportunity to disrupt them by targeting various links in the chain of hacker activity. This can include monitoring sites where credit card information is sold, to targeting rogue internet service providers known to be friendly to criminal groups with takedown efforts.

Highlight the importance to your customers of identifying risks in their current network and help them run analysis on which high risk Web 2.0 applications are being used within their organisation.

With hackers focused on gaining information, it is imperative for organisations to secure their data. Talk to your customers about the need to identify their critical information and put the proper safeguards around it, from firewalls to encryption to activity monitoring technologies.

The final, important role for the channel is helping customers educate users in order to reduce the exposure of  unintentional data leaks.

Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
Kiwis concerned about being scammed – survey
This unease is warranted given the growing sophistication of scammers and their activities, and numbers of attempted fraud.
Trust us, we’re Nvidia: GeForce RTX 20-series GPU preview
When I caught up with Brian Burke, Nvidia’s gaming tech PR guy, at PAX AUS in Melbourne, I didn’t hold back. I asked him why should Kiwis part with such a huge amount of money for something that, right now, doesn’t do a lot.
Xiaomi fans bubble over at Mi Store grand opening
The fans filled Auckland’s Westfield Sylvia Park to take advantage of the opening specials and get their hands on some Xiaomi tech.
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Interview: Aruba’s NZ country manager talks channel strategy
“What we're taking to market is that message around simplification and having everything in one place.”
When good tech goes bad - the challenge of complexity
Beautiful system tapestries have created confusing labyrinths that people have to navigate just to get their job done, wasting time and energy.
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.