A Bigger Wall to Defend
Hackers are paying attention, and they’re matching today’s technology innovations with maddening creativity of their own. They’ve graduated from attacks designed to steal data to extortion hacks that lock people out of their data unless a ransom is paid. One of the most frightening advances that CodeBlue is also seeing is ‘Exploit as a Service’, if you’re a criminal with just $200 in your pocket and a little incentive to earn more, your startup cost is less than if you were to open up a coffee stand. So get ready, because current security reviews and surveys say attacks increased by 38% in 2015, and it is predicted they’ll continue to grow – in frequency, and in volume.
SMB’s in the Cross Hairs
The result of this is that SMB’s are increasingly being targeted, SMB’s are rich targets, and they are new targets. Today’s criminals often gain access into an SMB’s network as a means to find an entry point into another more lucrative network (often enterprises), and the SMB is the starting point for such an attack.
That’s a lot on the line
There is no single solution to ensure your organisations secure and protected from cyber security attacks. Your business needs to take a multi-faceted approach. Which raises the question… What is your organisation doing to block the threat of a breach?
The Current Threat Landscape
Cyber criminals know that businesses are working over-time to secure their environment against threats, which means cyber criminals are working just as hard to find new gaps to exploit. We mentioned earlier ‘Exploits Kits as a Service’ are one of the most frightening advances that we are seeing, but what are these exactly? Exploit kits as a Service is a relatively recent business model used by cyber criminals in which they create, manage and sell (or rent) their malicious code to anyone interested. Exploit kits do not require technical expertise and can be bought for as little as $200. ‘Blackhole’ is a great example of Exploit Kits as a Service, the author is one of the very few that has been caught. As such, we know that he had more than 1000 customers using his kit and was making over $50,000 per month in subscriptions. This is a person that never actually attacked a victim, but instead sold his malicious software to other cyber criminals to use.
Malware – what is this really?
Short for malicious software, malware is a broad term used to describe a variety of intrusive software. It may be silent, intending to steal data or spy on users without their knowledge, and passively record / obtain sensitive information e.g. passwords to bank accounts. Or it may be designed to cause harm, including sabotage and extortion such as the various forms of crytolocker that many businesses within New Zealand have experienced.
How can you protect yourself?
Given these challenges, what’s the solution? To ensure your organisations secure and protected from cyber security attacks. Your business needs to take a multi-faceted approach.
Signature based solutions such as firewalls and antivirus take care of known attacks. But what about the new ones that you can’t see coming? To handle these, organisations must move beyond local, reactive intelligence to predictive intelligence based on internet-wide visibility across all geographies and markets. Why? Because hackers use the internet to develop, stage and refine their attacks – and in doing so they leave behind traces like domain names and callbacks that can be analysed. CodeBlue’s Internet Protection Shield detects and contains advanced internet based attacks before they cause wide spread damage. This platform compliments your existing security measures by providing insight into the connections and relationships between networks on the Internet.
CodeBlue’s Internet Protection Shield compliments your existing security measures and stops malicious traffic before it even gets to you. Internet delivered threats are real and will only continue to grow in volume and complexity. Especially in today’s mobile world it is critical for businesses to stay secure when working outside the office. Security implemented at this level provides the power to uncover and block connections to malicious domains inside and outside your corporate network, providing security that moves with your employees.