Introduction
With cyber-attacks as well as cyber-crime against large companies rising 40 percent globally in 2014, network security needs to be looked at afresh and in a new dimension. Adding to this problem is the massive proliferation of mobile and smart phones across the world. With most mobiles capable of accessing the internet from any where around the world, the problem of IT security is getting more and more acute with each passing day. In this context, let us take a look at how cyber-attackers are going at secure networks and are gaining ground faster than before, and the steps that companies, businesses and organizations are taking to combat this growing menace.
The Current Scenario – Cyber Attacks & Network Security
What comes out loud and clear is that cyber-attacks are on the rise and cyber-crime is here to stay in today’s digital era. Cyber-crime is like the disease that renders sophisticated antibiotics ineffective. Today’s cyber-crime fighters are witnessing an unprecedented scale in the methods of cyber-crime such as virtual thefts, denials of service, and other methods. Some of these methods included demonstrated denials of service, staling of data, extortion, disruption of government infrastructure, and holding information to ransom. All these methods and techniques have become tools in the arsenal of global cyber-criminals.
Most countries around the world are vulnerable to this crime, but in particular, the developed world is more vulnerable to cyber-crime. Today, the USA regards cyber-crime as one of its top law enforcement activities. The state of affairs is that network security never been so important for governments, businesses, and other organizations. According to hacking experts from around the world, the security threats in the future will get even more sophisticated. Cyber-criminals around the world are getting more and more educated, putting even larger ambitious global projects such as the Internet of Things (IoT) at great risk. At this time, cyber-security has ever been so important for business and commercial organizations, government and local bodies, and other organizations.
According to a news report by CNBC, nearly five out of every six companies, which had an employee strength of over 2,500 employees, were targeted with spear-phishing attacks as well as email fraud. Small and medium companies with poor network security were also subject to attack. This accounted for nearly 60% of the targeted attacks, showing an increase of 26 and 30 percent respectively. The scenario just does not end here. According to another report, nearly 1 million new malware threats which included a wide range of hostile software such as viruses, spyware, trojan horses, and other malicious programs were being released everyday.
According to another report, the number of cyber security events per year is close to 80 to 90 million per year with around 400 new threats every minute. The sad fact is that nearly 70% of the attacks go undetected.
Yet another problem witnessed by security professionals in the IT industry included ransomware attacks, which restrict access to the computer system. Such attacks increased 113 percent, which were driven by over a 4,000 percent increase in crypto-ransomware attacks, according to the same report. According to Symantec, the mining industry, which also includes the oil and gas industry, has been the most targeted sector globally in 2014. Other high risk targets have been manufacturing, transportation, as well as communication industries.
Cyber-criminals are getting smarter in their attacks against companies and have gone global in their attacks. They are moving faster than the conventional defense tactics that many companies are putting up in formmk of network security to protect data and information. Many cyber-criminals are putting up a very high level of sophistication in their techniques such as deploying legitimate software tools to continue their attacks on compromised computers. Additionally cyber-criminals even deployed legit software on to compromised computers to continue their attacks without the risk of being discovered by anti-malware tools. What is more alarming is that the complexity of attacks is also increasing and cyber-attackers are using the same technology that companies have used to protect themselves so far.
The state of Affairs – Mobile Security
The state of mobile security is in quite a bit of shambles too. This is enhanced by poor coding practices as well as human error, which makes it easy for hackers to find and exploit these vulnerabilities. This can make application security a big problem for enterprise security officers. This problem is compounded by the fact that mobiles are being increasingly used to access enterprise data, with the increasing trend of “Bring Your Own Device (BYOD).
In case such data is subjected to cyber-crime, it could wreak havoc for the organization concerned. This is because compromised mobile devices can increase the risk of fraud. They also are responsible for creating an insecure environment for businesses, applications, as well as transactions. Thus, the world’s attention is dually focused on increasing mobile security as well securing traditional computers from the prying minds of such shadow criminals.
Today, it is without doubt that there has been a major increase in cyber-criminal activity around the world. Each day, new apps are released to the apps stores in addition to the millions of apps that already exist out there. Unfortunately, the dark side of this phenomenon is that many of these apps are built by small organizations with limited access to security tests and minimal budgets, so the state of their security is questionable.
Improve Network Security – The Key to Combating Cyber Crime
You might feel that by installing a fire wall and sitting on the safe side of the network guarding you against the world of the Internet is the best defense against cyber-criminals. However, the greatest risk to computers and networks today comes not from the front door through the fire wall but through guests and employees either connected by wire or wireless to your corporate or business network. What most network security professionals recommend is the installation of an Acceptable Use Policy (AUP) on the computer network. Consider such activities such as personal blogging, email access, instant messaging, music as well as video streaming to be a part of a strict AUP. Consider other important points such as access rights management, intrusion protection and detection, end point security, network access control, security monitoring, and wireless security as well.
Conclusion
Attackers are going to deploy more and more methods that will continue to fox cyber security experts by trying and staying ahead of them in the rate race of security deployment versus securty breach. As computer professionals, we need to be aware of the happenings in the network security scenario and implement measures to minimize these risks.[su_box title=”About Shivani Ajmerani” style=”noise” box_color=”#336588″]Shivani Ajmerani has been working for Fusion Informatics Ltd, a custom iPad application development company in India. In free time she loves to play games on her iPhone.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.