Cyber-Crime Remains a Jump Ahead

Cyber-criminals are becoming more sophisticated, targeting their attacks at whitelisted vectors; after all, who wouldn’t open an email attachment from his/her manager? While employees may think they are complying with company security measures, a simple and honest mistake could compromise the entire company.

As the enterprise workforce continues to mobilize, extending corporate information security policy to employee endpoints will require tools that transcend network connectivity, patch levels and authentication.

Each email attachment, document and Website should be construed as a set of applications running on company-owned devices. It’s quickly becoming impossible to tell the good from the bad.

Existing security technologies rely on detection of threats through signatures—a method that makes it impossible to block “zero-day” attacks that have never been seen before, or “polymorphic” attacks that dynamically change their signature.

The longer it takes to defeat an attack, the more damage it can do.

By using polymorphic, undetectable designs that change with every use, move slowly and exploit unpatched vulnerabilities, attackers are successfully exploiting gaps exposed by traditional and next-generation firewalls, intrusion-prevention systems (IPS), antivirus and Web gateways.

Today’s threats are more of a series of coordinated attacks than a single binary, and use data that is easily available on social networking sites to create highly targeted, clandestine forays aimed at users who are reachable through the Web and email.

Network-based security is ineffective in protecting mobile users. Increased employee mobility poses a challenge to traditional network security solutions; an executive working from a hotel or a salesperson connecting from a coffee shop are highly vulnerable to attacks as they are unprotected by corporate network defenses.

Locking down the desktop by significantly narrowing users’ access to the Internet creates new challenges. Users rely on the Internet to accomplish their daily activities, and if they cannot get their work done through the enterprise-provisioned endpoint, they bring other devices to work and circumvent IT policy in search of productivity.

Users are only human. No matter how comprehensive an enterprise’s tools may be, an attacker can design malware to bypass even state-of-the-art detection and protection systems and trick the user into continuing the behavior that lets the attack persist.