Panda Security Says Businesses Must Learn From Past Data Breaches | eWeek

Panda Security Says Businesses Must Learn From Past Data Breaches

Panda Security Says Businesses Must Learn From Past Data Breaches
Écrit par
Robert Lemos
Robert Lemos
Mar 25, 2014
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

In 2013, cyber-criminals armed with malware toolkits created more than 82,000 variants of malicious software every day, infecting almost 32 percent of computers worldwide with unwanted code, according a report published by antivirus firm Panda Security.

Yet, the massive number of malware variants—most of which incorporate minor code changes to fool security software—are not a true measure of the risk that companies face online, according to Luis Corrons Granel, technical director of the malware labs at Panda Security.

Instead, businesses should look to the lessons of last year’s breaches and educate employees about proper security measures everybody can implement. Enterprises should also beware of software—such as Java—commonly used as a vector of attack and monitor the development of mobile malware. Finally, firms should invest in detecting compromised systems and anomalous behavior, because attackers will always manage to compromise a system, he said.

“It does not matter how big a company is … if you are a target, eventually you’ll get compromised,” Granel said. “You can learn which are the most common risk vectors and how to reinforce your security and what different tricks cyber-criminals use to hack into company networks.”

In its 2013 annual report, published March 18, Panda noted that the size of the company, and its security posture, has not made a great deal of difference in whether a company was breached. Microsoft, Twitter, Facebook, Adobe and other major technology firms have all suffered breaches. Retail giant Target, for example, suffered a major breach from late November to mid-December last year, which resulted in the theft of the financial information of as many as 110 million customers.

The security industry’s mantra of inevitability means that businesses should not put all their faith in stopping attacks at the firewall, or detecting and blocking attacks on the desktop, Jaime Blasco, director of security-management firm AlienVault’s research group, said in an email interview.

“Companies should have the capabilities to block most of these attacks, but what is most important is to be prepared to detect and respond to the incidents that their prevention capabilities are not able to contain,” Blasco said.

By far, Trojan horse programs, which appear to be legitimate pieces of software, but are really malware, are the most popular attack program. Such programs accounted for 71 percent of malware variants and 79 percent of malware infections in 2013. By comparison, worms and viruses collectively accounted for 22 percent of malware variants and 13 percent of infections in 2013.

The rising prevalence of Trojan horse programs makes sense, as modern malware is much more threatening than the viruses and worms of the past, Panda’s Granel said.

“Ten years ago, a company could get infected by a nasty worm and have their business disrupted for a few hours,” he said. “Nowadays, they do not know they have been compromised and they [only] realize when it is too late: customers’ information stolen, bank account empty [and] confidential information leaked to competition.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.