It's become vital for enterprises, government organizations and consumers to ensure their critical data remains private, as exposing intellectual property, customer information and other data can be extremely costly. IT departments have worked tirelessly to shore up vulnerabilities and eliminate security risks, but emerging business technologies and the increasing presence of more sophisticated, targeted threats have made it difficult to defend important data.
With the rise of cloud and virtualized servers, BYOD (bring-your-own-device) policies, social media and other technologies, IT professionals are tasked with monitoring business data across more channels and more remote locations than ever. Despite sophisticated cyberthreats becoming the norm, organizations can protect critical data through extensive planning, strong security policies and advanced data protection solutions. Trend Micro, a global leader in Internet and data security for businesses and consumers, recently released its first quarter Security Roundup Report, detailing the latest trends in cybercrime.
The comprehensive report provides readers with an extensive look at the mobile challenges, advanced persistent threats (APTs) and vulnerabilities impacting companies throughout numerous industries. According to the report, mobile devices like smartphones and tablets are leaving organizations vulnerable to data loss, as more cybercriminals are targeting these devices with malware and other campaigns.
All mobile users should beware of security risks, but this is especially true for Android users. Trend Micro researchers identified about 5,000 new malicious Android applications during the first quarter of 2012, making it imperative for Android users to adopt antivirus software and encrypt data on mobile devices. The report said even some legitimate smartphone and tablet applications contain security vulnerabilities.
"One big reason for the popularity of apps is their ease of use," said Robert McArdle, Trend Micro senior threat researcher. "Browsing the net on your mobile phone is not the same experience as doing it on a laptop. … The key thing to remember is to think before you give an app access to your data. … If you have any doubts about giving oversensitive information, just don’t do it."
The report also revealed that APTs are becoming more prevalent, and IT departments must adopt security systems capable of detecting and eliminating these threats across multiple devices, networks and systems. According to the source, trends like the consumerization of IT and outsourcing have broadened the IT landscape and made it more complicated for businesses to defend important information.
"It is more useful to think of highly targeted attacks as campaigns – a series of failed and successful attempts to compromise a target’s network over a certain period of time," said Trend Micro's Forward-Looking Threat Research Team. "As the attackers learn more about their targets from open source research – relying on publicly available information as well as previous attacks, the specificity of the attacks may sharply increase."
Trend Micro also found that cybercriminals used specific events and popular figures to target consumers and employees with social engineering attacks. The emergence of NBA star Jeremy Lin, Whitney Houston's death and tax season were among the events that social engineering campaigns used to extract information from Internet users.
With so many different types of threats and the trend of businesses storing data on multiple, often vulnerable devices, it's essential for IT departments to devise detailed security strategies. Although dangerous if left unsecure, companies can't ignore mobile technologies, as they have a proven ability to increase productivity and give employees more flexibility. Experts say enterprises should consider implementing an integrated mobile device management and security solution that protects data with passwords, encryption, antivirus software and remote wiping features.