Panda Security Says Businesses Must Learn From Past Data Breaches
In 2013, cyber-criminals armed with malware toolkits created more than 82,000 variants of malicious software every day, infecting almost 32 percent of computers worldwide with unwanted code, according a report published by antivirus firm Panda Security.
Yet, the massive number of malware variants—most of which incorporate minor code changes to fool security software—are not a true measure of the risk that companies face online, according to Luis Corrons Granel, technical director of the malware labs at Panda Security.
Instead, businesses should look to the lessons of last year's breaches and educate employees about proper security measures everybody can implement. Enterprises should also beware of software—such as Java—commonly used as a vector of attack and monitor the development of mobile malware. Finally, firms should invest in detecting compromised systems and anomalous behavior, because attackers will always manage to compromise a system, he said.
"It does not matter how big a company is ... if you are a target, eventually you'll get compromised," Granel said. "You can learn which are the most common risk vectors and how to reinforce your security and what different tricks cyber-criminals use to hack into company networks."
In its 2013 annual report, published March 18, Panda noted that the size of the company, and its security posture, has not made a great deal of difference in whether a company was breached. Microsoft, Twitter, Facebook, Adobe and other major technology firms have all suffered breaches. Retail giant Target, for example, suffered a major breach from late November to mid-December last year, which resulted in the theft of the financial information of as many as 110 million customers.
The security industry's mantra of inevitability means that businesses should not put all their faith in stopping attacks at the firewall, or detecting and blocking attacks on the desktop, Jaime Blasco, director of security-management firm AlienVault's research group, said in an email interview.
"Companies should have the capabilities to block most of these attacks, but what is most important is to be prepared to detect and respond to the incidents that their prevention capabilities are not able to contain," Blasco said.
By far, Trojan horse programs, which appear to be legitimate pieces of software, but are really malware, are the most popular attack program. Such programs accounted for 71 percent of malware variants and 79 percent of malware infections in 2013. By comparison, worms and viruses collectively accounted for 22 percent of malware variants and 13 percent of infections in 2013.
The rising prevalence of Trojan horse programs makes sense, as modern malware is much more threatening than the viruses and worms of the past, Panda's Granel said.
"Ten years ago, a company could get infected by a nasty worm and have their business disrupted for a few hours," he said. "Nowadays, they do not know they have been compromised and they [only] realize when it is too late: customers' information stolen, bank account empty [and] confidential information leaked to competition."