Security – it is something that tends to play a priority role for companies throughout the world as they strive to protect their networks and their intellectual property. Economic espionage continues to receive media attention as cells of criminals the world over continue to develop applications and malicious code to breach even the most protected of networks.
Bit9 highlights how cyber security breaches often go undetected, allowing trade secrets, drug and chemical formulas, source code and product designs into the hands of those seeking to profit from the work of others. Corporate trade secrets continue to be a lucrative target, forcing companies, agencies and governments to take a closer look at how they protect IP.
While cyber security threats are nothing new, the reality is the cells are growing and the threats are intensifying as legitimate IT departments struggle to stay a step ahead of those trying to defeat their efforts. A common approach is spear phishing. Criminals will use the personal information of a key executive captured on social media platforms to lure the target to open an e-mail and subsequently download a document or click through to a malicious website.
Image via Shutterstock
These actions by the executive basically allow the “payload” to be delivered onto the system and perpetrators can then easily operate without detection. Once inside, these individuals are able to map out the topology and identify ways to move laterally within the given infrastructure. They also seek out vulnerabilities that provide gateways to legitimate administrative credentials.
Such activities are so successful that according to Gartner (News - Alert), only 76 percent of advanced malware is actually discovered by the antivirus solutions typically put in place. Attackers can avoid detection by adapting their techniques and their malware to circumvent the security measures put in place.
The 2012, Bit9 Cyber Security Research Report demonstrates some troubling findings regarding the protections currently put and place and the threats designed to overcome them. Attacks are expected to come from Anonymous/hacktivists by 61 percent of IT and security professionals. The most anticipated of attack among half of the respondents is malware, delivered in the form of rootkits, Trojans, viruses and worms.
Even more troubling is the fact that most respondents report that their cyber security measures currently in place are highly ineffective in providing real protection for their most important and vulnerable machines – the infrastructure servers. A full 74 percent of respondents believe the endpoint security currently in place is also ineffective, making these devices the most at risk.
The majority of respondents, at 76 percent, share a belief in implementing best practices and improving security policies to ensure the biggest impact on cyber security enhancements. As for regulated solutions, only seven percent believe this will have a true impact.
The work, as most IT and security professionals believe, must be done internally and it must follow best practices that are specific to the unique characteristics of the advanced threats prominent in the market today. Strategies must also reflect the security policies of the individual enterprises to ensure success.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida. Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.