Today, a few hackers may be ideologically motivated, but the majority of attacks are financially-driven crimes. This is seen most clearly in the rise of ransomware; no mystery, just pure and simple extortion. And consider the latest victim of choice, the healthcare industry, sacrosanct in most people’s eyes but merely a lucrative, vulnerable target to cybercriminals. As such, cybercrime follows the economic rules of any business – reward must outweigh costs – and should be confronted on those terms.
Welcome to 2017! What should we expect in cybersecurity in 2017? Our final post of cybersecurity predictions is from Adrian Asher, CISO for the London Stock Exchange Group and Morphisec Advisory Board member. He looks at upcoming developments in several key cybersecurity areas and offers some suggestions for moving forward.
This is the second blog post in a series of excerpts from the ebook (download here) “Know Your Cyber Security ROI: Making the Business Case for Cyber Security.” The first post introduced the concept of cybersecurity implicit ROI and the factors that determine the expected value of your cybersecurity operations. It also outlined the three attack phases and the correlation between attack phase and organizational cost.
This post examines the first attack phase and the costs associated with precautionary measures during this phase:
Organizations employ many precautions and actions in the attempt to block cyber attacks. Such measures can require significant time and resources to implement as well as maintain. This class of tools includes endpoint security solutions such as anti-virus, protection and detection systems as well as gateway solutions.
Every enterprise includes software patching as part of its security system to some extent. Because of its widespread use and marked impact on business processes, we will examine patching as an example of direct and indirect costs to your organization.
Executives often view cybersecurity as an expense, a necessary one perhaps, but still a burden on company finances, focus and time. Instead it should be approached as an investment – an investment in protecting an organization’s systems, resources, customers and reputation. And, like any investment, cybersecurity should be able to prove its value by delivering a solid ROI. But how do you calculate cybersecurity ROI? After all, security doesn’t create earnings.
Award candidates were evaluated on value proposition, internationalization strategy, potential impact in the industry, as well as their elevator pitch performance made in front of 200 investors, corporations and industry experts.
UPDATED POST - NOW WITH DETAILED TECHNICAL ANALYSIS!
During October 17 to 21, Morphisec identified and prevented several malicious and sophisticated macro-based documents at the site of one of our customers delivering a fileless Kovter backdoor Trojan attack. This and similar attacks illustrate the troubling trend that macro-based malspam campaigns are attacking enterprises with modified evasion techniques now on a weekly basis. With antivirus products updating their signatures within 3-7 days of the detection of an attack, the window of opportunity is big enough for cybercriminals to score.
Morphisec Prevents Major Malspam campaign - Again
In our report at the beginning of September about a large-scale malspam campaign discovered and stopped by Morphisec, we pointed out the central role that malware spam plays for hackers and the difficulties signature-based and behavioral security products can have in coping with them in real-time.
During October 10-12, 2016, Morphisec stopped yet another malspam campaign that again showed an extremely low detection rate on VirusTotal.
A Brief History
Virtual Desktop Infrastructure (VDI) is not a new concept – in fact virtualized desktops can be traced back to the 1960s, when IBM divided up mainframes into virtual machines to allow for multiple, simultaneous users. The modern take on VDI emerged around 2007 with the Virtual Desktop Manager by VMware. Citrix entered the game in late 2008. Over the next years, VDI and grew steadily but slowly. Until recently. The emergence of cloud-hosted virtual desktop solutions has accelerated VDI adoption by enterprises and smaller organizations alike.
New Locky – Zepto variant prevented by Morphisec! Ransomware with modified Eval mechanism evades all other security solutions.
Since Locky’s discovery in February 2016, it has emerged as one of the most prevalent and devastating ransomware threats of 2016. Over the last two months, ransomware in general has evolved greatly in delivery technique complexity, with Locky among the most insidious.
In particular, Locky moved to the Zepto variant, executing from dll and not an executable, started using quant loader, and added more evasion techniques to its arsenal.
It may sound odd, but cybersecurity has a huge emotional component. Unlike other industries that are driven by optimization and financial gains, cybersecurity has all the makings of a Hollywood movie—good guys, bad guys, nation-states attacking other nation states, and entire global IT systems at risk. Unfortunately for most victims of a cyber threat or breach, the effects are all too real and don't disappear when the music stops and the lights come on.