Endpoint Security Expert Triumfant Shares Top Security Threats for 2014
(Marketwire Via Acquire Media NewsEdge) ROCKVILLE, MD -- (Marketwired) -- 01/09/14 --
Triumfant, creator of patented software that automatically discovers, analyzes and remediates advanced malware attacks on computers, servers and soon mobile devices, today shared its security threat predictions for 2014. Using the dynamic events of 2013 as a baseline and future indicator, Triumfant has identified the following information security trends likely to occur in the year ahead and offers organizations practical advice for combating new adversaries and attack techniques.
1. The Rise of In-Memory Attacks or Advanced Volatile Threats (AVTs)
A growing number of cyber-exploits are designed to elude current defenses by attacking computers in their volatile memory. Triumfant refers to this technique as Advanced Volatile Threats (AVTs). These memory-based attacks enable a hacker to access a computer's random access memory (RAM) or other volatile memory processes to redirect a computer's behavior. AVTs allow attackers to steal data or insert malware, but because they are never stored in long-term memory, they can be difficult to detect. Triumfant cautions organizations to invest in endpoint defense solutions that continuously scan for objects that may be manipulated in-memory so that memory-based attacks never become persistent threats.
2. World Sporting Events Create Opportunities for Mischief and Harm
The upcoming Winter Olympics and World Cup provided sophisticated hackers and nation-state actors with a high-profile venue to ramp up criminal and cyber-espionage activities. Taking a cue from the media industry breach in 2013 -- which saw The New York Times and other major media companies compromised by the Chinese military to find information on Chinese leaders -- governments, media outlets and commercial organizations should be on high alert, instituting new services to detect, counter and mitigate threats. A layered approach to security to protect sensitive systems and data is needed, one that includes endpoint security measures as part of the overall defense-in-depth strategy.
3. Mobile Malware and Network-Connected Devices Ripe with Vulnerabilities
As corporate cloud-based networks proliferate and more people work from home, hackers will develop new types of attacks on remote platforms. The rapid adoption of network-connected devices, by consumers and businesses, will make the "Internet of Things" more attractive to cybercriminals. Security vulnerabilities are rampant in embedded devices, as manufacturers hurry to bring new product to market, all too often making security an afterthought. This need for speed may also have contributed to the Target breach, where a three-year "smart card" pilot was cancelled because it was shown to slow check-out times. The Target breach also points to the flaws of the payment card industry's data security standards (PCI-DSS) which only conducts audits on a monthly basis. Major retailers should deploy endpoint security on check-out terminals, in additional to the processing servers, to ensure continuous monitoring of breaches and that the systems are audit-ready every day.
4. Rapid Detection Becomes the New Prevention
Attacks happen. The security industry is beginning to rethink its focus on protecting the perimeter, shifting its mindset and focus to rapid detection and prevention. Endpoint security is the final frontier -- picking up where network-based tools fall short. With the understanding that breaches are going to happen, 2014 will see more resources devoted to detection and remediation than in years past. According to research from Enterprise Strategy Group (ESG), 51 percent of enterprise organizations say they will add a new layer of endpoint software to protect against zero day and other types of advanced malware.
"2013 has shown us that advanced malware attacks are commonplace and that cyber criminals are becoming more sophisticated in their exploits and methods for evading detection," said John Prisco, CEO of Triumfant. "We believe endpoint compromises don't have to be a breach -- that early detection and remediation of a compromise before it becomes a full breach is possible with the right endpoint software in place. In 2014, companies must deploy an effective mix of prevention and rapid detection to protect their most critical data and systems."
About TriumfantTriumfant leverages patented analytics to detect, analyze and remediate the malicious attacks that evade traditional endpoint protection solutions such as the Advanced Volatile Threat, Advanced Persistent Threat, zero-day attacks, targeted attacks and rootkits. Triumfant automates the process of building a contextual and surgical remediation that addresses the malware and all of the associated collateral damage. Endpoints go from infection to remediation in five minutes without the need to reboot or re-image. No signatures or prior knowledge of any kind are required to stop the adversary.Triumfant uses these same analytics to continually enforce security configurations and policies, ensuring that organizations start every day with their endpoints secure and audit ready. To learn more about the company go to: http://www.triumfant.com/default.asp or follow Triumfant on Twitter and YouTube.
April H. Burghardt
PR Consultant for Triumfant
[ InfoTech Spotlight's Homepage ]