Governments and businesses across the globe must begin to implement a multi-layered approach to IT security that includes protecting users on endpoints.
In the past 12 months we’ve witnessed some of the biggest and most damaging cyber-attacks the industry has ever seen. The recent breach at RSA, and the resulting opportunity to profit by attacking users on their computers, is further evidence that organisations can’t over-rely on a single security control, such as one-time password (OTP) authentication. A new approach needs to incorporate methods to isolate users on their computers from these attacks.
In the past year cyber-criminals have utilised a myriad of ever more sophisticated, targeted attacks, including the emergence of what is now categorized as the Advanced Persistent Threat (APT) – from the Night Dragon attacks on global energy to the Stuxnet infiltration into critical infrastructure to the RSA SecurID infrastructure breach – resulting in an estimated cost to British business alone of over £20 billion a year.
Instead of infiltrating organisations through networks and anonymous attacks, the new threats are targeting users on their computers through social media links and phishing attacks.
The cyber-criminals are using commercial crimeware toolkits that are constantly changing. The most popular Trojan, Zeus (also known as Zbot), is spawning over 70,000 new variants each year. If cyber-criminals have successfully stolen seed codes from RSA, it is possible that they could combine multiple methods of attack to match this stolen data to real users and proceed to impersonate them.
Attacks will be mounted against users’ computers, not the bank infrastructure. The result: banks would be unable to tell real users from criminals and millions will be lost. The Zeus toolkit is how a single UK cyber gang stole £30 million and is wreaking havoc to the tune of up to $6 billion in the United States.
It’s time for governments and businesses to evaluate how they are protecting users and infrastructure from these new attacks. The recent APT attack could be the trigger for more severe attacks on intellectual property at major corporations, government agencies and the world’s financial systems. Criminals will be emboldened.