Living in a world where technological advancements follow an exponential growth, it is hard to draw breath as innovation follows innovation; this is particularly so in the world of IT. However, as so many businesses and organizations embrace all the benefits such innovation brings, unfortunately so does the cyber-criminal.
Nobody is safe
As we now rely so heavily on the internet – for communication, financial transactions, entertainment, etc. - is it any wonder cyber-criminals have decided to target the Internet and its users. The unwary are easy pickings, as witnessed by the increasing number of successful attacks, not just on individuals and SMEs, but corporations. Even Jamaican government ministerial websites have been specifically targeted with DNS attacks; nobody is safe.
Today, as our cyber security experts in Jamaica know, cyber-criminals (hackers) are no longer after bragging rights and kudos for being able to breach security systems. They want money, data, or both, and the lengths they will go to, the levels of deviousness they will employ to achieve their goal, are mind boggling. These people aren’t amateurs, they are professionals, because cyber-crime is big business.
As our use of the internet has changed, so have the cyber-criminals. No longer do they need exceptional computer skills, these people just need a few Bitcoins (untraceable money) and access to the Dark Web (untraceable communication) where they can buy software specifically designed to hack into some of the most heavily defended computer systems and networks. It becomes inevitable that the only way to deal with them is to fight fire with fire, and shore up your internet security with the help of professionals who know and understand the new and constantly evolving tools of the cyber-criminals’ trade.
What has helped the cyber-criminal is that only data breaches of large corporations such as Sony, Yahoo, MySpace and LinkedIn, tend to hit the headlines, leading the owners of smaller businesses down a path of false security. In 2016 alone, over 2 billion data files were compromised, which is impressive considering the population of the world is only 7 billion. Cyber criminals made more money in 2016 from SMEs than they did from major corporations.
Advanced Persistent Threats
While everyone has become used to the ‘smash and grab’ form of cyber threat – concentrating efforts on withstanding the more-easily recognized forms of attack – today’s Advanced Persistent Threats are far more insidious and appreciably less easy to detect. Part of the reason for this is because once your system has been infected, you are unlikely to know, because nothing appears to have changed.
The successful ATP attack not only relies on gaining access to your operating system, but succeeds by remaining there, undetected, for months, harvesting old and new data alike. Principle targets for an APT attack include national defense, manufacturing and the financial industry. To avoid detection, the intruder will continuously rewrite code and utilize sophisticated detection evasion techniques. Only the trained eye can spot the signs of an ongoing ATP attack, and that is through careful analysis of outgoing data to detect anomalies. For many organizations, the only effective way to be fully protected against an APT attack is to employ a full-time system administrator; this is not a task for the inexperienced.
So, whether you run a small business, or head up a governmental department, ask yourself this one question – “How would I be able to operate tomorrow if I had no computer?” Chances are, you couldn’t. Today it is not enough to THINK you are sufficiently protected against cyber-criminals, you need to KNOW, and here at Info Exchange, we can help. Our free initial consultation with our security experts will help identify any possible vulnerabilities, and advise you on how we can create a tailor-made solution to meet your specific security needs.