Story image

Protecting your customers from the business of malware

29 Jun 12

The growing trend of cybercrime has changed the reality of security for business in New Zealand and around the world. Whether cybercrime is driven by hacktivists or cyber gangs targeting brokerage firms, one thing is for certain: understanding them is critical to taking them down.

Cybercrime is an increasing worry for organisations. To work effectively with customers, it’s important for the channel to understand what is involved in cybercrime, how cybercriminals work, how it affects organisations and to provide the best security advice to help customers protect themselves.

Understanding cybercrime

In today’s cyber underworld, the motivation for attackers largely revolves around getting credit card numbers, email credentials, logins for banking sites and other information that can be turned into quick cash. In this marketplace of illicitly-obtained information, a mix of independents and organised groups driven by money, and in some cases politics, has emerged.

It’s good to keep in mind that criminally-motivated hacking crews come in all shapes and sizes. Some even feature operations you might expect to see in a legitimate enterprise, like a quality assurance team and project managers.

In most cases, these different teams work independently, with central figures overseeing the operation as a whole to keep it on track. But not everyone involved in the cyber underground is part of a group. Some stick to themselves and rent out portions of botnets they’ve assembled. Others make money by uncovering new software vulnerabilities and making offensive tools for other hackers.

In some cases, attackers will compromise legitimate websites and try to redirect users to malicious sites serving up the exploit kit. The effect of these attack kits on businesses has been tremendous.

In general, the goal of attackers remains valuable data. With banks and other organisations using multi-form authentication to verify online transactions, credit card data shares space on the shelves of virtual hacking stores with items such as Facebook logins and email credentials. Not surprisingly, the more information attackers have about a target, the more tailored their attack is — and the increased likelihood of its success.

The channel’s role in fighting cybercrime

Understanding the structure of these groups offers security experts an opportunity to disrupt them by targeting various links in the chain of hacker activity. This can include monitoring sites where credit card information is sold, to targeting rogue internet service providers known to be friendly to criminal groups with takedown efforts.

Highlight the importance to your customers of identifying risks in their current network and help them run analysis on which high risk Web 2.0 applications are being used within their organisation.

With hackers focused on gaining information, it is imperative for organisations to secure their data. Talk to your customers about the need to identify their critical information and put the proper safeguards around it, from firewalls to encryption to activity monitoring technologies.

The final, important role for the channel is helping customers educate users in order to reduce the exposure of  unintentional data leaks.

Kiwis make waves in IoT World Cup
A New Zealand company, KotahiNet, has been named as a finalist in the IoT World Cup for its River Pollution Monitoring solution.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
How SMBs can use data to drive business outcomes
With the right technology, companies can capture consumer, sales, and expense data, and use it to evaluate and construct future plans.
Survey shows that IoT is RoI across Asia Pacific
A recent Frost & Sullivan survey across Australia, Hong Kong and Singapore shows that IoT deployment improves business metrics by around 12%.
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.