Panda Security Says Businesses Must Learn From Past Data Breaches
While malware counts continue to skyrocket, companies need to learn lessons from others' breaches to improve their security, says antivirus firm.In 2013, cyber-criminals armed with malware toolkits created more than 82,000 variants of malicious software every day, infecting almost 32 percent of computers worldwide with unwanted code, according a report published by antivirus firm Panda Security. Yet, the massive number of malware variants—most of which incorporate minor code changes to fool security software—are not a true measure of the risk that companies face online, according to Luis Corrons Granel, technical director of the malware labs at Panda Security. Instead, businesses should look to the lessons of last year's breaches and educate employees about proper security measures everybody can implement. Enterprises should also beware of software—such as Java—commonly used as a vector of attack and monitor the development of mobile malware. Finally, firms should invest in detecting compromised systems and anomalous behavior, because attackers will always manage to compromise a system, he said. "It does not matter how big a company is ... if you are a target, eventually you'll get compromised," Granel said. "You can learn which are the most common risk vectors and how to reinforce your security and what different tricks cyber-criminals use to hack into company networks."
In its 2013 annual report, published March 18, Panda noted that the size of the company, and its security posture, has not made a great deal of difference in whether a company was breached. Microsoft, Twitter, Facebook, Adobe and other major technology firms have all suffered breaches. Retail giant Target, for example, suffered a major breach from late November to mid-December last year, which resulted in the theft of the financial information of as many as 110 million customers.