Latin America. Jesús Cortina, General Manager GM Security Technologies affirms that with the changing threat environment, the policies, methodologies and technologies used to protect data become increasingly urgent; but it is essential to have certified strategic security partners.
According to the most recent studies on computer security trends 2016 – 2017, there is a triad of special cases that promise to continue giving something to talk about during the next year. It is worth noting that the figures point to 80% of professional cybercriminals and those belonging to organized criminal gangs.
Among the trends is advanced malware, exposed as a commonly used file, which usually features the extension of documents, PDF, Excel, Word or JPG images. This file proliferates easily because its use is common, in addition to being present in the most used chat applications, especially for sharing documents. In general, it takes a long time to detect the damage caused, but it can be identified with an antivirus or simply by ignoring the e-mail that has the dubious file; for which it is necessary to always maintain user education campaigns. Even so, it is difficult to handle it because they are designed in a way that crosses a large number of safety barriers.
Another trend is the risk to which privileged users in companies are exposed, that is, 20%. All those employees who handle passwords of emails, files or sensitive data of organizations, represent risk, given bad digital practices, as well as the little confidentiality in terms of the keys.
Also, ransomware, that crime typified by online extortion that encrypts all the data of a company, and that requires a "reward" collection, so as not to be sold or made public knowledge. This trend, even though it only accounts for 10% of attacks in the region, is becoming a very thriving business for cybercriminals. This type also includes reputational crimes, or any theft of information that may incriminate a person in a compromising or criminal situation.
Safeguarding data, a titanic task
Cyber extortion emerged as a strong trend in 2015, in fact it was the year of ransomware; but in 2016 there have been many varieties in which cybercriminals have taken advantage of breaches to commit crimes. It has definitely been the year of cyber-extortion using more and more, the threat of distributed denial-of-service (DDoS) attacks and the threat of exposing sensitive or even reputational business data, intellectual property and information related to legal cases or mergers and acquisitions. In fact, malware as a service has become a business model in the hands of organized professionals, reaching the hacking of corporate databases.
Additionally, exploit kits, common vehicles for the latest malware, which need outdated software to carry out security holes; although they continue to occur, they are becoming less and less usual, due to the elimination by support, by software manufacturers, as well as self-updating, without the need for user intervention.
In this order of ideas, a return to old malware schemes based on email attachments, such as macro malware, is foreseen, implanting malicious code to documents contained in such attachments. Also, as third-party add-ons are removed, a greater emphasis is expected on the use of browsers as a way to infect computers.
Leave your comment