Cyberattacks Grow More Complex

By Sherry Harowitz

The hackers also use more modern options like automated exfiltration mechanisms that send the data they want to another site where they retrieve it. They are able to send data out undetected because the company either lacks a firewall or the firewall lacks egress filters.

One of the most surprising findings came from analysis of the malware: apart from some script kiddies using off-the-shelf tools and some targeting of critical government agencies, most point-of-sale credit card breaches could be traced back to just three primary criminal enterprises, though the third appears to be a distributed network of attackers and tools used by thousands of criminals.

The report is also sobering in that it shows how difficult it is for a company to really prevent infections. As an example, it states, "The use of embedded files not only makes it extremely difficult for security products to detect malicious files but also exploits the functionality of each file format. It's becoming difficult for system administrators to control what can and cannot be executed. Flash Player does not need to be installed for a Flash file to be loaded within a PDF, MP4s can be loaded directly from within Flash Player, and most PDF readers will execute JavaScript code out of the box. Attackers make good use of these facts."

But companies can protect themselves by demanding that third parties follow best practices with strong passwords; they can also make sure that their own security is good, with proper firewall egress filters and other strong internal controls, to decrease the hackers' chances of getting malware in or getting data out—or at the very least to increase the chance of timely detection if hackers do succeed in gaining access.


