All types of organizations are at risk of being targeted, but financial
institutions top the list of the most at-risk businesses, Trend Micro found.
Cyber-threats, data breaches and high-risk
vulnerabilities have continued to dominate the first half of 2014, with attacks
affecting consumer’s personal information, included theft of data such as
customer names, passwords, email addresses, home addresses, phone numbers, and
dates of birth, according to a report from Trend Micro.
The data breaches and Distributed Denial of Service
(DDoS) attacks recorded this quarter showed that an organization-wide strategy
is required if companies wish to survive their aftermath.
Organization-wide, understanding and commitment to
carrying out a strategic security plan is necessary. Otherwise, they may resort
to highly impractical measures such as reverting to manual processing, as in
the case of P.F. Chang’s restaurant, the report noted.
Tom Kellermann, chief cybersecurity officer for Trend
Micro, told eWEEK the recent cyber-crime events represent a
harbinger of things to come.
"For too long corporations have viewed security
as an expense rather than a functionality of conducting business online,"
he said. "Greater percentages of the IT budget must be dedicated to the
safety of their customers online."
All organizations are at risk of being targeted,
though financial institutions top the list of the most at-risk businesses.
"Financial institutions are the holy grail of
hacking as 95 percent of all 'money' is digital," Kellermann said.
"More than 98 percent of bank heists occur in cyberspace and this is being
exacerbated by mobile banking and the correspondent rise in mobile mugging.
Financial institutions adhere to higher standards of security than other
industries, however they are also targeted by the world’s elite hackers."
The report noted deployment of mobile ransomware and
two-factor authentication-breaking malware has emerged in response to
technological developments in the online banking and mobile platforms,
indicating consumers are exposed to an ever more complex web of threats.
"The average consumer should deploy mobile
security on all their mobile devices. Update all critical updates every
Tuesday," Kellermann advised. "Never use public Wi-Fi and change
passwords to 'pass phrases with symbols'. Lastly, one should never click on
links, instead, cut and paste them into a browser."
One of the report's more encouraging findings was that
global law enforcement partnerships lead to arrests--by sharing research
findings with law enforcement agencies, financial loss prevention from
cyber-crime has proven effective.
"Threats will continue to escalate as crime has
migrated from the streets to the virtual world. The Internet is a free fire
zone with a multiplicity of hackers," Kellermann said. "Due to this
reality, law enforcement is overwhelmed, and thus, the prosecution rates are
less than 5 percent."
For small businesses with limited IT resources,
Kellermann said it's extremely important to protecting their users and their
presence, and recommends having the Website tested for the OWASP Top 10
vulnerabilities and deploy Web application security.
In addition, Kellermann advised all employee devices
should have mobile security deployed, and the laptops should be set to
"least privilege," and as businesses migrate to the cloud, they must
deploy encryption, anti-malware, intrusions detection systems and file
integrity monitoring as extra protective measures.
No comments:
Post a Comment