Attacks are getting bigger and bolder and this calls for a new approach to cybersecurity. Cybercriminals have broadened their scope beyond conventional computer systems and now almost every connected device can be a target. 2013 was the year of the megabreach, where we witnessed some of the biggest data breaches of all time with over 500 million records exposed. Point of Sale terminals have been infected with malware in order to siphon off millions of credit card records. Attackers are even going one step further and using malicious code to steal cold hard cash. A recent piece of malware, Ploutus, allows criminals to use a mobile phone to get an ATM to spit out cash by sending a simple text message.
An increasingly connected world means that attackers have access to more routes into a corporate environment. Default passwords and known vulnerabilities on peripheral devices and Web servers can provide an easy, direct path. And it isn’t just your own security you need to worry about. Many corporations have partners, suppliers, and service providers who have some level of access to the corporate network. These are often the weak link.
Attackers can also strike straight at the heart of an organization by targeting employees with well-crafted spear phishing emails. Once inside, the attacker can traverse the network to get to the data they’re seeking. They may need elevated privileges, and they may install hacking tools to facilitate this. Once attackers have the data they want, they need to exfiltrate it, maybe using a staging server along the way.
Organizations need to accept that attackers are well resourced, skilled, and will do what it takes to infiltrate their target and acquire their data, be it financial data, customer records, or intellectual property. Corporations need to get ahead of the attacker and embrace Proactive Cybersecurity.
What is Proactive Cybersecurity?
We know that attacks are multi-staged and persistent, but at each stage of a campaign the attackers leave traces of their presence. It might be a dropped file, hacking tools, a failed login, or a connection to an unknown FTP server. Proactive Cybersecurity takes these indicators of compromise and develops actionable intelligence so that you can learn to recognize attempted attacks and block them before attackers gain a foothold in your network. Proactive Cybersecurity puts you firmly in control of your network security.
To learn more about how Symantec’s Proactive Cybersecurity solutions join us at Symantec Vision.