All the latest UK technology news, reviews and analysis

V3 Storage Summit: Signature and encryption-based defences will not keep hackers out of your data reserves

29 Jan 2014
Security padlock image

Businesses are leaving their data open to abuse by believing traditional outdated security practices will protect them against hostile hackers, according to security firm FireEye.

FireEye's European director of systems engineering Yogi Chandiramani told V3 that traditional defences are no longer able to deal with the advanced cyber threats businesses now face.

"The first problem is all today's advanced threats and malware are capable of bypassing traditional tools, ones that are filtering or signature based. At a basic level this is because the hackers know them, they've been around so long the attackers know how they work," said Chandiramani.

"Already we're seeing a high number of zero-day exploit attacks using new ways to bypass controls. In 2013 alone we saw 12 new techniques capable of bypassing traditional defences and we expect to see more this year."

The FireEye security expert added that even robust security measures, such as encrypting stored data are not capable of dealing with the new techniques.

"Once the user's machine is compromised, when they've gotten into the workstation, they can get most things, even encrypted data. This is because the encryption keys are on the machine," said Chandiramani.

Chandiramani added that the techniques are being increasingly used by hackers to mine company data. "Today we are tracking 160 advanced persistent threat (APT) campaigns across the world, each of which is mounting attacks designed to target specific types of information in various types of organisation," he said.

The attacks are capable of mining data from a variety of sources and it makes little difference whether this is stored in the cloud or on premise. "Attackers have been very successful as the internet is a great platform through which they can mount sophisticated attacks," he said.

"But despite this the human factor is still the biggest source of compromise. Today we're so connected, a basic breach via a malicious weblink or something equally simple can snowball. Companies all work with each other, it's the nature of business, so once an attacker gets into one company they can use it as a stepping stone to another."

Chandiramani said businesses will need to adopt intelligence-based defence strategies to deal with the new wave of threats that could compromise their stored data. "The key thing is to get tech that can detect incoming threats. It takes three minutes to compromise a network and months to clean it up," said Chandiramani.

"It's also about threat intelligence, seeing the threats before they hit, knowing which ones are likely to target you. Finally, it's about having the right people in the organisation, who are able to create and instigate a plan of action about what to do when the company is attacked."

FireEye is one of many companies reporting a marked increase in the number of data-mining attacks targeting business. Russian security firm Kaspersky reported uncovering a new version of the Java-focused Icefog campaign targeting a "major US oil company" earlier in January.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Storage
What do you think?
blog comments powered by Disqus

Tech gifts for Christmas 2014

Is a new tablet on your wish list this festive season, or have they become yesterday’s fad?

Popular Threads

Powered by Disqus
iPhone 6 is available in silver gold and space grey

iPhone 6 video review

The best iOS handset to date

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Business Analyst, Immedate Start, £300-£400 per day, Brighton

Business Analyst Brighton £300 £400 per day...

UEFI / BIOS Software Engineer - C / C++ - Colchester ( Essex )

UEFI / BIOS Software Engineer - C / C++ - Colchester...

Big Data Engineer - Hadoop, Java, Hive, NoSQL

Big Data Engineer - Hadoop, Java, Hive, NoSQL My client...

Software Developer - C# / Oracle / JavaScript - Manchester

Software Developer - C# / Oracle / WPF- Manchester...
To send to more than one email address, simply separate each address with a comma.