Page 23 - Cyber Warnings
future, attackers have the upper hand against many organizations by wielding targeted,
sophisticated attacks that often go undetected by layers of security technologies.
Once thought to be an IT problem, cyber security is now a C-level and board-level concern.
Given the state of heightened attention to cyber-attack risk, CIOs, senior IT decision makers,
and CISOs are now making cyber security a top priority. In fact, a survey by Piper Jaffray shows
that cyber security is now the top spending priority for CIOs, with an impressive 75 percent
indicating that they would increase spending in the coming year. However, unless this
spending is informed by a new philosophy, it will likely just add another porous layer to the
existing pile of ineffective security products.
Targeted Attacks are on the Rise
Last year, for the first time, cyber security was a major topic in the annual State of the Union
address. High-profile breaches dominated headlines for the last 18 months, highlighting the
reality that catastrophic cyber-attacks have become regular occurrences. At their worst, these
attacks aren’t opportunistic endeavors that leverage routine malware. They are targeted attacks
with the goals of stealing confidential data or damaging business operations. As a result, the
costs inflicted by targeted attacks can be enormous, spanning financial and reputational
damages. According to the Ponemon Institute, the average cost of a data breach in 2014 was
$3.5 million. After its breach was made public, Target projected more than $148 million in
damages, which is likely an optimistic estimate.
Today’s advanced adversaries construct attacks specifically designed to bypass the defenses of
a chosen target. These attacks are stealthy and designed to move laterally within an
organization for weeks or months once they penetrate the perimeter. Their presence remains
undetected for an average of 200 days, according to breach reports.
Circumventing Endpoint Security
Despite wielding the latest AV signatures, performing diligent patch management, and
purchasing the latest malware detection engines, even the most advanced organizations fall
victim to targeted attacks. Why?
The answer is that attackers' increasingly complex efforts continue to circumvent even
sophisticated next-generation defenses. Techniques that were once only available to state-sponsored
actors are now easily employed by criminal syndicates and hacker groups. Malware and exploit
kits, which are growing in popularity and availability, provide attackers with easy methods to
customize and obfuscate signatures to bypass signature-based security measures and
rudimentary malware analysis solutions. Combining this with quick-turn exploitation of public
vulnerabilities, or zero-day exploits, provides a fully weaponized end-to-end capability to anyone
with modest means and malicious intent. This continual permutation of signatures allows
attackers to remain virtually undetectable by the majority of conventional security defenses,
which rely on legacy detection techniques such as hashes and IP blacklisting.
23 Cyber Warnings E-Magazine – April 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide