Change your tactics, because the attacks are becoming much more advanced
This week, Websense released their 2014 Threat Report, a very impressive document backed up with loads of robust, thoroughly analysed data. You can get a copy here: http://www.websense.com/content/websense-2014-threat-report.aspx
One of the primary messages that comes across is that today’s attacks are becoming increasingly advanced to bypass and overcome traditional security defences in the pursuit of confidential data.
Here are some of the highlights of the report, many of which you will already be aware of if you are a regular reader of the blog:
- 85% of malicious links used in attacks are located on compromised, legitimate web sites. Maybe your websites.
- Websense detected more than 67 meeelion exploit kit events this year, with the sci-fi named Magnitude and Neutrino exploit kits top of the list following the incarceration of the Blackhole kit creator in 2013.
- 30% of malicious executable files used advanced custom encryption for command and control comms or data exfiltration.
- The Zeus keystroke logging malware increased in use ‘dramatically’ as it was focussed on government communications sectors in addition to financials and the already badly beaten services and manufacturing sectors.
‘So what?’ we hear you cry, ‘We already know that we need to be careful’. This is true, very true, but what this report identifies very clearly is that siloed legacy security technologies like anti-virus, firewalls, IPS, email scanning etc. are simply not enough to secure your confidential data any more.
So what can you do about it? Isn’t there a pill, potion or integrated system from snakeoilsecurity.com that will make this headache go away? No, there isn’t.
ITC advises our customers to listen to what their legacy security platforms are already telling them, and to understand what the critical assets are and what they may be vulnerable to in the context of where they live and how they are accessed. We also advise them to use our NetSure360° Security platform (powered by, amongst other technology, HP ArcSight) to correlate all of this data and produce meaningful real-time alerting, rather than constantly crying wolf and overwhelming your limited resources, as is the case with most IPS systems, for instance.
No IT security budget can protect all of your stuff to the same level all of the time. Our straightforward five step approach, combined with our continuously evolving, tight integration of security products with industry leading service management, can really make a difference to your visibility, control and assurance, enabling you to detect these advanced threats early on.
If you would like a fantastic presentation of our five steps to security, complete with an amusing cartoon, or would like to discuss any security issues, please contact us at: [email protected] or call 020 7517 3900.