Story image

Employees get sucked in by smarter cybercriminals

01 Feb 12

A staggering 70 per cent of organisations have been the target of an advanced attack and frighteningly it has been found that about half of all employees will fall for a well-crafted spear phishing ruse which could open the door to malware and other threats to the corporate network.
While most New Zealanders are aware of the more common tactics of cybercriminals and seldom fall for scams involving emails from Nigerian royalty or phishing scams seeking banking details, few are as vigilant when it comes to protecting valuable company information at work. Hackers and cybercriminals are stepping up their efforts to target businesses to access everything from Intellectual Property for commercial gain, to customer records for competitive advantage or even resorting to using stolen information for extortion attempts. One careless employee could become the weakest link in your business and expose your business to a long list of threats.
While mobile devices are now enabling the convenience and flexibility of accessing emails and company desktops in order to effectively work anywhere, the growth of employee owned devices and the increasing use of social-media applications in the workplace are creating new potential attack access ways, and posing a big risk to company IP. The potential consequences of losing company information in this way are frightening, and organisations need to make sure they have control and insight into the users and devices accessing their network.
It’s a good idea to configure your employee’s devices to get connected to corporate Wi-Fi hotspots, rather than public Wi-Fi hotspots, to minimise the risk of any data vulnerabilities and malware infestations. Ensure employees are aware of simply things such as knowing to turn off Bluetooth or Wi-Fi when not in use, applying a screen lock when the phone is powered on and setting up an inactivity time-out limit or auto-lock; these can also be useful should an employee lose the device.
Risky practices – lack of password protection, giving out passwords – along with ineffective approaches to information security are making organisations susceptible to these new employee-targeted attacks. The current level of complexity in our IT environments is also making it easier for skilled adversaries to hide and find unknown or unpatched IT vulnerabilities.
To add to the problem, many companies are unable to detect sophisticated attack patterns. Conventional antivirus, firewall and IDS tools do not form a complete picture of an attack, instead identifying unauthorised access, viruses, or phishing email, but not actually associating these events.
So how do we better stay safe in a world where cyber-attackers are smarter and passwords are harder to remember?
Traditionally, firewalls provide defence against attacks from viruses or external attackers, and to this end, review all firewall deployments to ensure current rules and processes to implement and maintain them are still valid. Also ensure adequate measures have been taken to help protect devices like laptops with technologies such as host-based firewalls.
Do not, however, solely rely on firewalls as a single means of defence. There are additional factors to consider for protecting a network. Do you provide secure remote access with strong authentication techniques? Have you made sure you have secured your wireless network to help prevent unauthorised users from gaining access to your network resources?
Fresh approaches and new ways of thinking about information security will be needed to combat this new class of threat that seeks to exploit the "weakest link" in a company, some of which may be uncomfortable for IT managers and decision makers. For example, giving up the idea that it is possible to protect everything in order to focus on the most critical information – the company "crown jewels" if you will – is something that organisations need to consider. Additionally, the definition of successful defence should change from "keeping attackers out” to "detecting intruders as early as possible and minimising the damage.”
In other words, assume an organisation is already compromised – and work from there.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Apax Partners wins bidding war for Trade Me buyout
“We’re confident Trade Me would have a successful standalone future," says Trade Me chairman David Kirk
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.