STANDARD defenses are no longer sufficient today to protect organizations from cyber criminals who have become capable of evading such typical security, Trend Micro Inc. (TMI) executive Tarun Gupta said.
Cybercriminals can break through standard defenses with advance methods by customizing their attacks on a particular target, Gupta, TMI senior technical consultant, said.
According to him, 60 percent of malicious softwares (malwares) are customized, which standard defenses cannot detect.
“Security threats range from advanced malware to active botnet, disruptive applications, malicious documents and network attacks. Seventy-eight percent of the espionage that cybercriminals conduct target e-mails.”
The hackers possess an unfair advantage, like rewarding payoff, accessible malwares, broad attack surface, and social engineering. The impact of breach is beyond cost.
Cybercriminals can breach a data of over a million records that may lead to several tens of lawsuits, billions of lost in market value and even the resignation of an efficient CEO, Gupta said.
On the other hand, Melchor T. Plabasan of the Bangko Sentral ng Pilipinas (BSP) said cyber attacks pose risks to the reputation of financial institutions.
Plabasan, acting deputy director of the BSP’s core information technology specialist group, said these attacks may result in material financial losses, lawsuits that may arise from breach of confidential data, loss of public confidence in financial institutions and impact on financial stability.
In 2013, security breaches worldwide increased by 63 percent, according to Plabasan. He added cybercrime cost business around $3 trillion and 2.5 billion confidential records were violated in the last five years.
“Cybercriminals attack mostly financial services and industry.”
According to Plabasan, 20 million people in the Philippines who use electronic banking (e-banking) engaging 109 financial institutions that offer e-banking services. He added there are 70 million debit and credit cards being used in the country.
“The fact that businesses are becoming more and more interconnected and technology-dependent makes them more at risk of falling victim to cybercrime,” Myla Pilao, Trend Micro Philippines Inc. (TMPI) marketing communications director, told reporters.
Response
ATTACKS can be countered by establishing a broad visibility into advanced malwares and the activities of the attackers across network, desktops and servers with advance security software, Gupta’s presentation said.
Advanced malwares embedded in e-mail attachments and URLs can be detected and obstructed with security software, he added.
A security software enables organizations to detect advanced malware on secure web and email gateways and servers.
“Targeted cyber-attacks are a fact for today’s enterprises,” Gupta said.
“We advise everyone to take proper precaution. It is not a question of if, but when these attacks will strike. The reliance of today’s business organizations on technology and the resulting and inevitable interrelation among them make the sector susceptible to cybercrimes.”
Trend Micro senior technical consultant Speaking at the Second National Summit on Cybercrime at Camp Crame on March 17, Gupta promoted TMI’s security product the firm calls “Deep Discovery.”
Gupta said the Tokyo, Japan-headquartered firm’s product monitors all ports and has more than 80 protocols. He added it also features a sandbox to identify and block spear-phishing eletronic mails.
A sandbox is an isolated computing environment used by software developers to test new programming code.
Other features of TMI’s product include a sensor and a sandbox analysis server.
Still, Jose Regala, president of the Information Security Officers Group, believes that the ‘weakest link’ involved in cyber attacks are the people inside a business organization.
“But the weakest link can be the strongest by empowering them against cybercrime with the required awareness and tools.”
Oliver Samson | Correspondent
Image credits: Oliver Samson