Advanced, undetectable threats are top of the list when it comes to IT managers’ security concerns, according to IBM.
Speaking during the V3 Security Summit, Ziv Cohen, European sales director for IBM Trusteer Enterprise Solutions, warned that advanced persistent threats (APTs) and advanced evasion techniques (AETs) are proving troublesome for firms to deal with owing to their stealthy nature.
[To find out more about protecting your business from advanced threats, register to view our video interview with Cohen.]
“The most critical threats that IT managers prioritise at the moment are definitely advanced persistent threats,” Cohen explained.
“This is a threat that flies under the radar of current security solutions. Even though they have invested heavily in security solutions, still this threat can find its way into the organisation silently. They infect the computers and create persistency and reach out to the data without the company even being aware of it.”
As well as the difficulty in dealing with APTs and AETs owing to their under-the-radar nature, malicious users have also evolved to target their attacks very specifically and are not going after one particular sector or business type.
“With APTs they are crafting their attacks so they know exactly who the person is they want to reach out to, who the person is they need to infect, whether this person has the right permissions and access to the sensitive data they would like to steal,” Cohen warned.
“All kinds of organisations are facing these threats – agriculture, healthcare, education and clearly financial services as well. With APTs, the goal is to get sensitive information, it doesn’t matter which sector it is.”
While perimeter security is an important aspect of fighting advanced threats, Cohen advised that the focus should be where the attack is taking place.
“That’s why it has to be a multi-layer strategy where gateway solutions filter out the known and suspicious parts, but the attack will be prevented on the endpoint where it’s taking place,” he said.
However, even firms that have taken all the appropriate security measures, including educating employees to become more security savvy and adopting multi-layered protection, still face issues.
“If it becomes more difficult for malicious users to get what they want, they will find new ways to circumvent those security layers or policies, and then the bottom line is they will succeed in doing that,” Cohen noted.
“Financial attacks and fraudulent attacks were as the result of phishing attacks, but with the evolvement of two-factor authentication it became more difficult for cyber criminals and fraudsters to put their hands on the credentials and that’s the reason why they moved to financial malware.
"Once there is a barrier to this, they will work around it and they will find their way into the organisation. It’s a cat and a mouse game. They’re trying to bypass security solutions, and our responsibility is to make sure we stay one step ahead and that we prevent them from reaching their goals.”
To find out more about protecting your business from advanced threats, register to view our video interview with Cohen.
Comcast's £29.7bn winning bid more than twice the £13.7bn Rupert Murdoch valued Sky at just eight years ago
A nuclear strike has been considered, but Bruce Willis is nowhere in sight
Spray-on antenna could enable seamless integration of antennas with everyday objects
Parker Solar Probe, TESS and GOLD missions will deliver exciting data, claims NASA