By Brian Laing
When a company suffers a malware attack, the effects are widespread. When the result of that attack is a data breach that compromises the financial information of the company’s customers, as in the recent attack on the InterContinental Hotels Group, it can be catastrophic. Recall that it was revealed in April that over 1,000 of the firm’s hotel properties were compromised by malicious software designed to siphon customer debit and credit card data. And according to Verizon’s 2017 Data Breach Investigations Report, over half of data breaches are the result of malware.
Every breach reveals data that criminals can use to launch additional attacks, whether the initial attackers or other criminals to whom they sell the compromised information. They merge data from multiple sources, building dossiers on potential victims, including spear phishing targets inside corporations. Furthermore, companies not only face being held liable for a breach, but they also risk losing crucial customer trust as their reputations take a hit.
To prevent this all-too-common scenario, enterprises must implement and continually revisit a security strategy that blends policy and technology. The technology component is particularly important given the dearth of qualified candidates to fill security analyst positions: according to Cybersecurity Ventures, there could be as many as 1.5 million unfilled security positions by 2019. No single solution is sufficient to defend against today’s diverse and relentless attacks. They demand layers of security, so that when an attack slips through the first layer, another layer is in place to detect it.
Some of the largest brands are not doing enough to thwart the increasing cybersecurity threat, or we would not be seeing such an ever-growing list of record-breaking cyberattacks and data breaches. Though the area of cybersecurity is vast and impossible to cover in totality here, there are some easily implemented programs that can decrease the risk of a breach, and we are surprised to see them neglected by some of the largest companies:
- Password Protection: Help customers adopt safe password practices, or perhaps insist on them, including using unique passwords and changing them regularly.
- Encrypt Credentials: Keep customer credentials safely encrypted so that if they are compromised, the damage to customers is kept to a minimum, whether the threat comes from inside or outside the organization.
- Keep Patches Current: Remain vigilant in enterprise-wide patch management to keep all application and operating system patches up to date. The importance of this was clearly demonstrated by the recent WannaCry ransomware attack.
- Adopt Behavior-Based Solutions: Ensure a comprehensive core-to-edge evasive malware defense strategy that uses behavioral analysis of files instead of signature-based identification. Signature or hash-based identification is becoming obsolete because cybercriminals can iterate on malware variants faster than the malware databases can keep up. In addition, these new innovations in malware allow environment-aware code to lie in wait within the enterprise for long periods, undetected by signature-based systems, until the moment is optimal for the attack sequence.
- Revisit Security Strategy Quarterly: Cybercriminals are not standing pat, and enterprises can’t either. The nature of attacks, the ability of malware to evade detection, and the availability of previously compromised credentials demand that organizations continually up their game, revisiting current processes and technologies on a regular schedule or as changing circumstances and new attacks require.
Malware attacks will continue, and some will no doubt be successful as new strains of malware are introduced every day. It is up to all companies to be diligent and proactive in addressing existing vulnerabilities and implementing new and improved technology to protect their assets, reputations, and most importantly, their customers.
About Brian Laing
Brian Laing is the SVP of Business Development at Lastline. For more than 20 years, Brian Laing has shared his strategic business vision and technical leadership with a range of start-ups and established companies in various executive level roles.