The maturity of modern malware has given it more power to stay quiet and persistent, slowly stealing information. Trend Micro global chief technology officer Raimund Genes told PCWorld that this maturation has been a problem, as the average time to detection is now more than 200 days, potentially causing a long-running data security issue for any company hit with a serious strain.
One such case was the RSA security breach of 2011, in which the company had malware in its system for more than six months prior to detection. A similar story happened to Sony's PlayStation Network, which saw the data of 110 million users compromised after a Unix server was hacked. This was both persistent and sophisticated, Genes said, as it took a considerable amount of time to harvest the information. With all of this in mind, it is the task of IT departments and security programs to better monitor networks and figure out if and where these attacks are present on a given network. This form of malware infection has only recently come to light, and Genes said hackers have benefited from the same reports as cybersecurity professionals. This means these hackers know how susceptible Android's platform is to attacks.
"So if you really want to be safe from a mobile perspective, you could use a BlackBerry, as it is pretty safe by design," he said, according to PCWorld. "Or you could use Windows Phone 8, because it has only 2 to 5 percent market share and nobody will attack it."
To detect and combat these advanced persistent threats, companies must have a data security tool primed to provide instant, automated intrusion alerts. Modern hackers and malware are too smart for simplistic tools, so businesses need one that knows the network and can spot any minute change that seems out of the ordinary.
Trend Micro's "Detecting APT Activity with Network Traffic Analysis" white paper said a solution like this can find known threats and common missteps on networks and alert the organization when something seems to be going awry.
"Although some APT activities will continue to leverage never-before-seen malware, a significant number of ongoing APT campaigns can still be consistently detected with network indicators," the white paper said. "While C&C domain names and IP addresses will continue to change, making it difficult to maintain a defense posture by blocking them alone, network patterns are less subject to change."
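The contrast the white paper draws, between blocking known C&C addresses and watching for network patterns, can be shown with a short added example (not code from the article or from Trend Micro). The log entries, host names, domains and thresholds are constructed assumptions, and near-constant request intervals are one pattern chosen here for illustration; the article does not name specific patterns.

```python
from collections import defaultdict
from statistics import mean, pstdev

BLOCKLIST = {"updates.old-c2.example"}  # previously known C&C domain (constructed)

# Constructed proxy log entries: (epoch seconds, internal host, destination domain).
LOG = (
    [(0, "ws-17", "updates.old-c2.example")]
    # Same infected host after the C&C moved to a new domain: ~300 s check-ins.
    + [(1000 + 300 * i + j, "ws-17", "cdn.new-c2.example")
       for i, j in enumerate([0, 4, -3, 2, -5, 1, 3, -2])]
    # Ordinary browsing from another host: irregular gaps between requests.
    + [(t, "ws-22", "news.site.example") for t in [50, 65, 900, 910, 2400, 2405, 3900]]
)

def blocklist_hits(log, blocklist):
    """Indicator matching: only catches destinations already known to be bad."""
    return sorted({(host, dst) for _, host, dst in log if dst in blocklist})

def beacon_candidates(log, min_events=6, max_cv=0.1):
    """Flag host/destination pairs whose request intervals are near-constant.

    cv = stddev / mean of the gaps between requests. Automated check-ins give a
    low cv, human browsing a high one. Thresholds are illustrative assumptions.
    """
    times = defaultdict(list)
    for ts, host, dst in log:
        times[(host, dst)].append(ts)
    flagged = []
    for (host, dst), stamps in times.items():
        if len(stamps) < min_events:
            continue  # too few requests to judge regularity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            flagged.append((host, dst, round(avg)))
    return sorted(flagged)

if __name__ == "__main__":
    print("blocklist:", blocklist_hits(LOG, BLOCKLIST))
    print("pattern:  ", beacon_candidates(LOG))
```

The blocklist only reports the old domain, while the interval check flags the same host's traffic to the new domain without knowing that domain in advance.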
Data Security News from SimplySecurity.com by Trend Micro.