CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Let’s make systems more secure, rather than blacklisting more efficient…

For the sake of argument, let’s say an anti-malware strategy combining cloud-based malware identification and information sharing capabilities could eliminate the bulk of malware. Even in a perfect world with perfect collaboration, such an approach will fall short of protecting enterprise systems against more sophisticated cyber attacks if it relies heavily on reactive blacklisting technology.

In the article, “IT security industry collaboration could eliminate 90% of malware,” Eugene Kaspersky, co-founder and chief executive of Kaspersky Lab, recently told attendees at Infosecurity Europe 2011 that identifying malware faster would reduce the number of initial infections to the point that it would break the business model of most cyber criminals.

“The number of initial infections will be so low that it will cost cybercriminals more to develop the malware than they are able to recoup.”

With all due respect to Mr. Kaspersky, there are two things that we take exception to in this article. Continue reading this post…

Saying “good night” to “Night Dragon”…

While it has been in existence for years (which is another issue altogether), there is a “new” critical infrastructure attack in the news today: “Night Dragon”. In addition to naming this new attack with a really cool name, our friends at McAfee have done an excellent job analyzing every part of the multi-pronged attack in a whitepaper titled “Global Energy Cyberattacks: Night Dragon”.

Night Dragon is a fascinating attack, with all sorts of international intrigue including links to entities in China (for a great primer on purported Chinese involvement in cyberattacks, check out Richard Stiennon’s blog). However, the multi-pronged attack is easily prevented by any good application whitelisting solution–just like Stuxnet. Continue reading this post…

How to stop 60,000 new threats each day… without knowing them or killing performance.

It’s really puzzling to me to think about how today’s IT security professionals are trying to stop cyber threats. I mean, why go through the trouble of detecting 60,000 newly discovered threats each day, not to mention endure the performance impact that scanning has on a system, when you can quickly and automatically identify the few dozen applications that you would like to run on your endpoint computers?

In this week’s release of the McAfee Threats Report: Third Quarter 2010, the security software maker claims that malware reached an all-time high, averaging 60,000 new threats each day in the third quarter. That number has nearly quadrupled since 2007. Continue reading this post…

Researcher suggests hackers have already infiltrated critical infrastructures

For organizations that run the nation’s most critical infrastructures, it’s important to understand that today’s targeted cyber attacks are designed to carry out any number of activities, from monitoring network processes to bringing down the grid. Just because hackers haven’t carried out an attack doesn’t mean malware isn’t already resident in a system waiting for the most opportune time to launch.

In the article, “Attackers can take out critical infrastructure, but profit lies elsewhere, researcher says,” Jason Larson, a security researcher at the Idaho National Laboratory, said there’s plenty of evidence that hackers have already infiltrated control systems that run power generation plants, gas and oil refineries, and other chemical factories, but so far their activity is observational. Continue reading this post…

Cyber attacks top terrorism as biggest concern for Indian companies

Escalating revenue losses from cyber crimes and understaffed network security teams have Indian companies more concerned about cyber attacks than terrorism.

In the article, “Cyber attacks worry firms more than terrorism,” the “2010 State of Enterprise Security Study” conducted by Symantec Software Solutions Pvt. Ltd. found that 42% of companies representing industries such as telecom, hospitality, manufacturing, retail and technology perceive cyber attacks as the biggest threat to their enterprises.

One reason cited was the lack of adequate network security. Over the past year, 66% of companies surveyed said they had experienced cyber intrusions while 51% reported repeated attacks. The study also pointed out that deployment of enterprise security has turned into a difficult task for many organizations. Said Vishal Dhupar, managing director at Symantec:

“Enterprise security is understaffed and the most affected areas in organizations are network security, web security and data-loss prevention. To tackle the issue, companies need to secure their messaging and web environments and defend critical internal servers. They should also have the ability to back up and recover data and respond to threats rapidly.”

With the rise in malicious attacks targeting sectors that can have a significant impact on India’s economy, one has to wonder if cyber attacks and terrorism weren’t one and the same. As I mentioned in a recent blog, “Are we in a cyberwar or not?”, cyber threats continue to have a growing impact on our nation’s economy and global competitiveness. Although U.S. Cyber Czar Howard Schmidt may not think we are engaged in cyber warfare, the impacts from targeted attacks are being felt everywhere, and are top IT concerns for many organizations and nations around the world.