Monday, May 12th, 2014
5 Ways Cybercriminals Attack Organisations
When investigating a breach, organisations need better visibility and clarity into their network activity. And they need it fast. Based on the ways cybercriminals attack, organisations need advanced network security solutions and the newest IT solutions in order to defend their valuable data. Here are 5 ways in which cybercriminals attack organisations.
1. The Heartbleed Bug
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. Attacks can then steal data directly from the services and users and are even able to impersonate services and users.
2. Through New Technologies
You would never think that new Ultra HD big screen TVs with curved screens may be used to steal information, right? Well, cybercriminals can steal it with the help of face/speech recognition feature. What’s more, the new techonoly allowing drivers to enjoy stress-free fully automated cars (in short, cars that drive themselves) also presents some risks. Such cars could easily be hacked into, putting the passenger’s lives at risk.
3. Automatic online banking fraud
Automatic transfer systems are a new toolkit used by cybercriminals in conjunction with the known SpyEye and ZeuS banking Trojans. They do not require the criminal to be present during a user’s online banking session and they run completely unbeknownst to the user. For these kinds of attacks users have to protect themselves with advanced security solutions, but if infected it is difficult for them to identify that they have been compromised. Trend Micro’s Deep Discovery helps detect such advanced threats and offers real-time surveillance across the entire IT infrastructure.
4. Major Web Threats
Attackers have been using web threats like the infamous Blackhole Exploit Kit to take advantage of existing vulnerabilities in users’ systems with the end goal of compromising their security and stealing data. Such threats start taking the form by simply sending out spam mails with links to compromised sites and landing pages which ultimately lead to malware download. Luckily, cloud security solutions from Trend Micro automatically identify key attack components and uniquely malicious behaviour sequences. In less than 24 hours, such security solutions can identify and block malicious threats from attacking sensitive data.
5. With the “help” of the employees
Cybercriminals can acquire strategic information about a business’ environment and structure through its employees who post confidential company data on social networking sites. They contact the employees with private messages crafted to look legitimate suggesting them to go to malicious links and attachments. Luckily, there are ways to detect exactly where the leak is and get visibility into threats. IBM QRadar Network Anomaly Detection can provide a complete view of potential threats and determine meaningful deviations from ‘normal’ behaviour.
Download Free eBook
Do you want to learn more about Advanced Persistent Threats and how to protect your organisation from them?
Contact Us
The data you supply here will not be added to any mailing list or given to any third party providers without further consent. View our Privacy Policy for more information.