At Trend Micro, we’ve been protecting our customers against the latest breaking threats for over a quarter of a century. During that time, both the attacks and the people behind them have changed significantly. Today’s threat landscape is more complex and dangerous than ever before. Hacktivists are plotting to punish organizations with DDoS and data theft attacks; cyber criminals continue to try and find ways to steal customer data or sensitive Intellectual Property (IP); and state-sponsored actors have extended their remit well outside government and military targets.
Perhaps the most worrying development of all is the targeted attack.
The new normal
Targeted attacks are the new normal. Financially motivated gangs of hackers used to favor hiring botnets to fire out millions of phishing and malware-laden emails, with the aim of stealing users’ personal data or card info. However, better user awareness and a general improvement in personal and corporate information security over the years has begun to render these tactics less effective. Now the cyber gangs have switched to more insidious techniques which involve going after entire databases of records as well as high value IP, using the tools and techniques once mainly the preserve of state-sponsored actors. Financial, pharmaceutical, manufacturing, retail and public sector organizations are most at risk.
The idea with a targeted attack is to enter under the radar and stay hidden for as long as possible. Typically, a spear phishing email is targeted at specific members of an organization, with the aim of infiltrating the corporate network. Once inside, Remote Access Trojan (RAT) malware such as Poison Ivy or Xtreme RAT – both now readily available on the cyber criminal underground – will often be deployed. Once the malware finds what it’s looking for it might lie undiscovered for months or even years, exfiltrating data out to the attackers.
In our 2014 Predictions report, Trend Micro warned that more and more cyber criminals will use targeted attack methodologies this year to compromise machines and networks. They will use easy-to-craft malware”, usually exploiting known vulnerabilities, to launch small but effective campaigns which take advantage of an organization’s weakest link – its employees. Already this year Trend Micro has reported a major increase in attacks targeted at retailers’ Point of Sale (PoS) infrastructure.
The fight back begins
To help IT leaders and CISOs navigate these treacherous waters and help them protect their businesses from the damaging effects of these attacks, Trend Micro has launched a major new series of white papers. The Enterprise Fights Back consists of four major reports designed to offer best practical advice on how to secure network infrastructure; protect sensitive data against attack; build an incident response team; and develop effective threat intelligence.
We take the reader step-by-step through the mechanics of a typical targeted attack and offer tips on how best to disrupt the attack process via techniques such as network segmentation, log analysis and tighter access controls. The reports also detail how to build a data protection infrastructure to protect the organization’s “crown jewels,” from endpoint to cloud. Finally, we highlight the importance of company-wide collaboration to build an incident response team, and the use of tools like Trend Micro Deep Discovery to build vital local threat intelligence capabilities combined with the global threat intelligence offered by the Trend Micro™ Smart Protection Network™.
The bottom line is: targeted attacks are here to stay. The costs of a breach – from incident response and remediation to brand reputation, financial penalties and potential competitive disadvantage – are too big to ignore. So take a look at The Enterprise Fights Back today for some practical advice from our team of targeted attack experts.