Targeted Cyber Attacks Expected to Rise in 2015
According to a new industry report, targeted attacks are expected to rise in 2015. GDF’s founder talks about the importance of covering the cyber security fundamentals necessary to withstand the onslaught, which will be more important than ever for any business with a digital footprint.
TrendLabs released a report on November 5th called The Invisible Becomes Visible, in which they outline their industry predictions on what the cyber threat landscape is expected to look like in 2015. And with hackers having so much success against prominent targets over the last year, like the mega-breaches suffered by Target and Home Depot which saw over 100 million combined customer credit cards compromised in those two intrusions alone, “it’s no wonder an expected increase in targeted attacks made the list,” says Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF), a premier national provider of cyber security solutions headquartered in New York.
The scales are tipped against businesses
“Hackers have so many things working in their favor, from anonymous currencies and “Dark Web” sites which allow them any easy way to turn stolen information into real cash, to the nightmare it is to not only find them, but to have any real success in prosecution and recovery due the global nature of the problem and the tangled mess of foreign jurisdiction,” says Caruso. “It simply makes the risk versus return quotient too enticing to resist, and it’s businesses that will end up on the hook to pay the piper in the end. But that doesn’t mean businesses have to just take it lying down, they can fight back. The key is tipping the odds back in their favor with a vigorous commitment to information security.”
Forget the law of averages, hackers learning targeted attacks pay off much better
“The NFL has nothing on hackers when it comes to being a copycat league. When something works well, more and more hackers will try to exploit it until it gets stopped, whether it’s hijacking data by encrypting it and holding on to the key until a ransom is paid (ransomware), or the monumental successes they’ve had by using RAM scrapers to pilfer credit card information right at the point of sale from right under the noses of some of the biggest retailers in the world. Then of course there are the old favorites which are still devastatingly effective, social engineering like targeted spear phishing campaigns, using a third party like a vendor to gain network access, or watering hole attacks that can help them exploit specific industries or organizations. It’s all on the table and businesses better come to grips with those realities in a hurry if they want to survive and thrive in today’s digital world,” warns Caruso.
The challenges posed by threat diversity means cyber security basics are more important than ever
“The cyber threat landscape is certainly not a static one, it evolves every single day, says Caruso. “New exploits are constantly discovered, cybercrime rings seem to be continuously popping up in countries not even on the threat radar a few years ago, and the technologies businesses use are always in flux. Just think about the proliferation of smartphones and tablets over the last couple of years as the BYOD (Bring Your Own Device) phenomenon exploded, and now the “Internet of Things” is creeping into the picture too. Just about every digital convenience businesses turn to in order to make employees more productive open new threat vectors, making life easier for attackers as well. But there are some constants in the world of cyber threats too; hackers typically like the path of least resistance, and the human element will always be the weakest link in the security chain. And that’s what makes covering the fundamentals of cyber security so important. Getting a good handle on the basics alone will help a company thwart over 95% of the threats out there, and that’s what we help new clients do every day, improve their cyber security posture from the ground up.”
Every organization’s needs, desires and digital infrastructure are unique. But having veteran cyber security experts like the experienced team at Global Digital Forensics come in to professionally tailor a testing and response plan specifically geared to the individual client, can go a long way to not only preventing the initial gateway intruders can use to wreak havoc, but also substantially lessen the aftermath should an attack or intrusion still manage to occur. There is no such thing as absolutely perfect protection, but the odds and/or aftermath can be greatly affected with the right plan in place.
Get the right help before it’s too late
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit our cyber security page.