Cyber Criminals are Out There
The media is buzzing with stories of statesponsored hacking, so-called advanced persistent threats, and high-profile data-theft attacks by cybercriminals. So what does this mean to everyday businesses owners and managers (companies that aren’t defense contractors or giant corporations)? It means watch out.
The wildly successful techniques used in statesponsored attacks are moving down a "malware adoption lifecycle." Yesterday’s million-dollar, wellplanned, high-profile attacks are quickly becoming $25 exploit kits available online to armies of low-level hackers. Consider this "phase two" of advanced threats. The army of profitdriven hackers is using the same advanced techniques to steal any data that they can get their hands on to sell, fence or ransom. No one is safe, because traditional defenses don’t work against advanced malware. And the cybercriminals are targeting every kind and size of business. This is the part of the story that people need to hear: While the big-name breaches get the headlines, too many companies get lulled into a false sense of security thinking that they are safe because they don’t have state secrets. From state-sponsored groups, to criminal gangs, and ultimately to individual hackers—they are hitting any business with anything of value. Because that’s where the money is. And it’s easy pickings because antivirus software is defenseless against these advanced methods.
Look, modern malware circumvents AV and firewalls, so you simply can’t rely on these technologies or on patch management to protect your organizations. We need to examine both inbound and outbound content traffic to minimize risk. Because, if you combine these exploits with some well crafted social engineering, organizations will continue to be victimized. Organizations need to examine— in real time—the substance of each website visited and in each email to effectively battle this malware lifecycle.