If you’ve turned on the news in the past few weeks, you may have noticed that cyber-crime and cyber attacks have seemed to be happening more regularly than you might usually notice. Some of the recent ones were covered on our blogs as well: Discovery of cyber spy campaign; emergence of scary ransomware, Hacking Team breach; and a US Government hack.
You are probably asking yourself: What does this mean for me?
Well, you are reading this blog, so I have to think that you are interested in keeping your systems away from malicious software. However, if you also work in the IT, security or technology space, you are probably thinking how the heck do I keep my systems safe if governments and international entities have fallen prey to attack.
That my dear reader is an excellent question – To that, I say – Is it time for you to rethink security?
— Kaspersky Lab NA B2B (@KasperskyNAB2B) July 21, 2015
Now I am not talking about should you be securing your company from threats, but rather at how you are defining threats.
At Kaspersky Lab, we like to break the threat landscape into three main areas – known, unknown and advanced threats. It may be a model that you’d like to follow as you start to layout a protection solution for your company.
During the last two full calendar years, Kaspersky Lab detected approximately 315,000 malicious samples each day. Approximately 80% of these cyberthreats fall into the known threats bucket.
— Kaspersky Lab (@kaspersky) July 7, 2015
Although known malware is prevalent and perceptible, it is not harmless. Older, well-known malware is often used to launch more sophisticated, targeted attacks. This is possible because many systems do not have proper or regularly updated security in place, third-party applications are outdated and long known vulnerabilities are not patched.
Some of the most well-known data breaches began with simple #malware.Tweet
Some of the most well-known data breaches began with simple malware. Think about it this way. If you are building a new deck, but have perfectly good lumber that can be reused to save money. There is simply no reason to throw away perfectly serviceable parts, however too big an imperfection can topple the project. The same holds true for malware – if not detected and removed, malware can weaken the security perimeter and expose your business to advanced threats that lead to loss of valuable financial and personal data and corporate intelligence — putting your organization’s reputation at risk.
Our researchers estimate that 18 percent of cyberthreats fall under the category of “unknown” threats. To detect and remove these threats that have yet to be identified, businesses need to rely on a security provider with expert research at its core.
Information security is in Kaspersky Lab’s DNA. The Kaspersky Security Network has more than 60 million Kaspersky Security Network volunteers worldwide. This security cloud processes over 600,000 requests every second. Kaspersky users around the globe provide real-time information about threats detected and removed.
Cloud Security explained: 1 technical term, 0 complicated charts https://t.co/f9MOACFBtf
— Eugene Kaspersky (@e_kaspersky) May 15, 2015
This data and other research are analyzed by an elite group of security experts – the Global Research and Analysis Team. Their main focus is the discovery and analysis of new cyberweapons, along with the prediction of new types of threats
Kaspersky Lab is a technology-driven company with more than one third of employees working in research and development. All solutions are developed in-house on a single code base. Kaspersky Lab’s leadership and expertise is proven in multiple independent tests.
“Advanced” threats are complex attacks, consisting of many different components, including penetration tools (spear phishing messages, exploits etc.), network propagation mechanisms, spyware, tools for concealment (root/boot kits) and other, often sophisticated techniques, all designed with one objective in mind: to provide cybercriminals with undetected access to sensitive information.
— Securelist (@Securelist) June 10, 2015
Advanced attacks target any sensitive data; you don’t have to be a government agency, major financial institution or energy company to become a victim. Even small retail organizations have sensitive client information on record; small banks operate remote service platforms for customers and businesses of all sizes process and hold payment information that is dangerous in the wrong hands. As far as attackers are concerned, size doesn’t matter: It’s all about the information. Even small companies are vulnerable to advanced threats – and need a strategy to mitigate them.
Targeted and multi-component attacks are a steadily increasing trend — particularly when it comes to businesses, where criminals are launching sophisticated, tailored attacks based on well-researched organizational vulnerabilities.
While we defined the three types of threats that are out there, this information is just the tip of the iceberg. If you are interested in diving into this topic or finding out how solutions that Kaspersky Lab offers to help protect your organization, be sure to DOWNLOAD our whitepaper entitled Rethinking Security: Fighting Known, Unkown and Advanced Threats. You can also click the image below.