Top 10 threats facing the enterprise - Part One
We speak to the security experts on the frontline about the threats they see as most serious for businesses.


You only need to read the news headlines to appreciate that the enterprise is increasingly under attack, but how can you best defend your business from those who would do it harm?
The answer is to identify both current threats and those which are most likely to become the next big blot on the enterprise IT security landscape.
Knowledge is power, as they say, so IT Pro asked those on the frontline in the fight against the bad guys to help us compile a top 10 of enterprise security threats, from Targattacks to IPv6, and to advise you on how best to mitigate the accompanying risks.
Here are entries one to five, with the second half of the list coming later this week:
1. Targattacks
Targattacks, also known as Advanced Persistent Threats (APTs), aren't really new, but offer a new umbrella term for a group of operators that have a full spectrum of intelligence-gathering.
"These people have proper reconnaissance to determine the best attack vectors," said Jeff Schmidt, BT global head of business continuity, security and governance. "Meanwhile persistence defines the specific nature of the attack. These are specific and continue until the goal is accomplished rather than being opportunistic".
To mitigate the risk of falling victim to a Targattack, security evangelist with G Data, Eddy Willems, warns that enterprises need to be careful when choosing a security solution.
"Due to the human element evident in these targeted attacks, businesses should select a solution that includes behaviour blocking, application control and heuristics," Willems says. "It is also invaluable to educate users about the risks and how to spot these attacks".
Jay Huff from ArcSight recommended enterprises take a holistic view of what is going on across the network. "In military circles it's called situational awareness," Huff said. "It's only by seeing the overall pattern of behaviour that suspicious patterns emerge".
2. Highly Sophisticated Malware
Malware isn't new, but it remains one of the biggest threats to the enterprise as the bad guys continue to up the stakes and produce some really quite sophisticated exploits in order to gain access to your business data.
Ed Rowley from the M86 Security Labs told us it has seen a "marked increase in sophisticated malware," which can be spread through Combined Embedded Files. These often go undetected by phishing protection, and one of the methods used is to attach HTML versions of cloned websites to emails rather than linking to those sites directly.
Combined attacks are on the increase, and in the first half of 2011 M86 Security Labs saw numerous targeted attacks using Microsoft Excel files with embedded Flash (.swf) files to exploit vulnerabilities.
This method, used in the targeted attack against RSA, is hard to detect by anti-virus and other security solutions because both components must be separated for analysis. Rowley advised that "enterprises without a proper patch management policy and outdated gateway protection will start to find they are fighting a losing battle" when it comes to blocking such attacks using sophisticated malware methodology.
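As an added illustration (not code from the article or from M86 Security Labs), the Python sketch below shows what separating the two components can look like at its simplest: scanning a container's bytes for Flash headers (`FWS` uncompressed, `CWS` zlib-compressed) and validating each candidate so chance matches are discarded. The function names, the plausibility bounds and the sample bytes are assumptions constructed for this example.

```python
import struct
import zlib

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # OLE2 container used by .xls
MAX_SWF = 64 * 1024 * 1024  # assumed cap on declared size; also bounds inflation


def _inflates_to(data: bytes, expected: int) -> bool:
    """True if data starts with a zlib stream inflating to exactly `expected` bytes."""
    try:
        out = zlib.decompressobj().decompress(data, expected + 1)
    except zlib.error:
        return False
    return len(out) == expected


def find_embedded_swf(blob: bytes) -> list:
    """Locate SWF headers (FWS = raw, CWS = zlib) anywhere inside a container."""
    hits = []
    for sig in (b"FWS", b"CWS"):
        pos = blob.find(sig)
        while pos != -1:
            header = blob[pos:pos + 8]
            if len(header) == 8:
                # Header layout: 3-byte signature, 1-byte version, uint32 LE length.
                version, length = struct.unpack("<BI", header[3:])
                # Plausibility bounds (assumptions) discard chance matches.
                if 1 <= version <= 50 and 8 < length <= MAX_SWF:
                    body = blob[pos + 8:]
                    ok = (len(body) >= length - 8 if sig == b"FWS"
                          else _inflates_to(body, length - 8))
                    hits.append({"offset": pos, "sig": sig.decode(),
                                 "version": version, "verified": ok})
            pos = blob.find(sig, pos + 1)
    return sorted(hits, key=lambda h: h["offset"])


def build_sample() -> bytes:
    """Constructed input: OLE magic, padding, a decoy 'FWS', one CWS object."""
    body = b"\x00" * 32 + b"constructed filler, not real SWF tags"
    cws = b"CWS" + struct.pack("<BI", 10, 8 + len(body)) + zlib.compress(body)
    return OLE_MAGIC + b"\x00" * 504 + b"sheet data FWS" + cws + b"trailer"


if __name__ == "__main__":
    sample = build_sample()
    print("OLE container:", sample.startswith(OLE_MAGIC))
    for hit in find_embedded_swf(sample):
        print(hit)
```

A raw byte scan like this only finds objects stored contiguously; OLE streams can be split across non-adjacent sectors, so a production scanner parses the container structure before inspecting each stream.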
3. SQL Injection
You might have thought that by now SQL code injection techniques as an attack methodology would be dead in the water. After all, everyone knows about them and they are old hat, right?
Try telling that to the likes of Heartland Payment Services or the Sony PlayStation Network, both of which fell victim to SQL injection-led attacks.
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.