We are in the midst of what is essentially a security arms race, with cybercriminals constantly seeking new and better ways to attack systems while organizations shore up their defenses. Successfully defending your assets requires a combination of technology, security policy with strong enforcement and user training.
“The number of fronts of risk and war, as some people call it, are definitely multiplying,” says Clinton McFadden, senior operations manager for IBM X-Force research and development, which just released the results of its X-Force 2012 Mid-Year Trend and Risk Report.
McFadden points to a sharp increase in browser-related exploits, increasingly sophisticated advanced persistent threats (APTs)—including APTs that are successfully targeting Macs—and rising concern around mobile devices and bring-your-own-device (BYOD) programs.
“We’ve seen an increase in the number of sophisticated and targeted attacks, specifically on Macs and exposed social network passwords,” he adds. “As long as
As an example of the arms race, the X-Force report points to an incident last year: “In one case, attackers bypassed two-factor authentication—commonly thought to be almost failsafe—simply by convincing a mobile phone provider to relocate a user’s voicemail, giving attackers the data they needed to reset a password.”
Connected Systems, Policy Enforcement and Humans Big Factors
In fact, as security technology raises the bar to penetrating systems, attackers are increasingly finding their way through cracks that exist at the interstices of systems, policy enforcement and humans, according to the report:
“As a security research organization, IBM X-Force has traditionally viewed security breaches with a technical focus. However, we have modified our view of attacks and breaches over time to encompass a greater business context. The overall breach trend continues into 2012, as several major high-profile businesses have had to deal with the fallout of leaked passwords and other personal data. The health care industry in particular seems to be hit hard. While security products and technology could have mitigated many of these unfortunate events, we are seeing more than ever how systems interconnectedness, poor policy enforcement and human error is far more influential than any single security vulnerability.””We’ve seen several headlines regarding cases where digital identities were decimated, not through malware, key loggers, password cracking or even through access of the victim’s computer or device. Instead, the bad guys accomplish their nefarious deeds by culling a small amount of personal data from public sources, using clever social engineering tricks and depending upon the loose policies of a handful of companies who we trust with our private data.”
these targets remain lucrative, the attacks will keep coming and, in response, organizations must take proactive approaches to better protect their enterprises and data.” >more