The CryptoLocker ransomware, which encrypts data on victims' machines and requires a ransom to decrypt it, is targeting small businesses, warns Cisco.

CryptoLocker attackers "want you to pay them for the privilege of using your machine," Craig Williamson, a threat researcher with Cisco's Threat Research Analysis and Communications team, told a briefing of journalists on Monday.

"If you look at the list of files [targeted by CryptoLocker], they are files more specific to small business, like QuickBooks, or data bases that are more useful to small businesses or small enterprises," noted Jaeson Schultz, another threat researcher with Cisco's TRAC team. "There is a business twist to CryptoLocker," he added.

The Federal Bureau of Investigation estimates that ransomware is a $150-million-per-year industry.

"CryptoLocker is the most advanced piece of ransomware we've seen. Unlike a lot of ransomware, it uses high-grade encryption. It will encrypt your files in a way you cannot easily recover," Williamson said.

CryptoLocker malware began spreading in September of this year and has resulted in a significant jump in ransomware attacks in the third quarter, the Cisco researchers explained.

"CryptoLocker is getting a wide distribution because somebody spent significant time and money developing it ... If somebody goes to that much trouble to write malware, they go the extra length to spread it out there," Williamson related.

While CryptoLocker attackers are criminals, they are honorable criminals, noted Schultz. "They actually follow through with decrypting your files if you pay the ransom. At least they're living up to the bargain," Schultz observed.

The Cisco team noted that antivirus software and email security clients can usually catch ransomware before it infects machines. Users should also back up their files in case they are infected, they advised.

IBM, Hewlett-Packard, EMC, Symantec and McAfee are leading vendors in the global security and vulnerability management market, according to TechNavio. The research firm judges that the increasing complexity in enterprise information systems, along with the greater use of diverse operating systems, increased demand for software apps and greater awareness of security threats are driving market growth.

At the same time, there are a number of challenges to market growth, including the availability of open source security software. "Customers are opting for open source solutions as they can copy, modify and reconstruct the source code without having to pay for the software. Such features of open source solutions are a serious challenge for the market," TechNavio observes.

Trends that are counteracting the market challenges include increasing adoption of mobile devices in the workplace, as well as the use of mobile devices for commerce and banking. "The use of mobile devices for payments, online banking and other transactions has increased the need for a secure way to verify the identity of the person authorizing a transaction, which is aiding the growth of this market," the research firm notes.

Unguarded machine-to-machine endpoints could lead to network security breaches, malware infection and data leaks for enterprises, warns Kathryn Weldon, principal analyst for enterprise mobility at Current Analysis, in an IT Connection blog. "We are starting to see M2M come more into the traditional domain of IT and enterprise networks," Weldon writes.

The analyst cites the recent announcement by Verizon launching the first operator security product specifically designed for M2M. Last week, Verizon unveiled a cloud-based managed certificate services platform to authenticate M2M devices and secure data transmitted between those devices. The services are offered on a "pay-as-you-go" model so that enterprises only pay for what they need.

"With the continued explosion of the Internet of Things and the expansion of connected objects and machines, businesses require a simple, scalable and effective way to manage identity and data integrity," explains Eddie Schwartz, vice president of global security solutions for Verizon Enterprise Solutions.

Another M2M area that enterprises need to address is connectivity. Weldon recommends that firms require service level agreements from their M2M carriers to ensure connectivity and redundancy. Verizon again is a leader here. It plans to offer customers an "integrated support framework from endpoint to network to cloud and back," she notes.

AT&T is also stepping up to the M2M plate. Its commercial connectivity service connects M2M endpoints to a multiprotocol label switching network for secure connections, as well as link redundancy to two data centers and automatic failover in case of disruption, Weldon relates.

At the same time, other operators are "more skeptical" about M2M security and connectivity because of the difficulty of guaranteeing connectivity and performance for radio networks, Weldon concludes.

Enterprises should be more proactive in implementing protection measures to address the expected increase in cyberattack volumes next year, cautions Andrew Kellett, principal analyst with Ovum's IT security team.

"Security experts recognise the rise in use of sophisticated malware, and this is driving the need for better and more proactive security … Organisations will be required to fundamentally shift their approach to security from a mainly static defensive posture to one of taking positive action before or as an attack takes place," Kellett predicts.

Sophisticated cyberattacks will target non-critical infrastructure firms more frequently in the coming years. These firms will need to tap into security intelligence, big data analytics and threat prioritization.

"Not every organisation has the budget or security resources to meet its current protection requirements, let alone the extended use of cloud-based services and the BYOD-driven use of smartphones and tablets by employees. Therefore, organisations will be forced to consider the practicalities of managed, security-as-a-service options," Kellett adds.

Enterprise operational demands, including the use of technology that makes business information more readily available, will drive the need for proactive security. Cloud-based services, user mobility and multiple devices are adding complexity to the enterprise security equation.

"Ovum recommends that organisations should look to gain positive advantages from Big Data, security intelligence and analytics-based approaches to security management.
Meanwhile, mainstream security vendors need to provide a range of products and services that genuinely meet the protection needs of both SMEs and large enterprise clients," concludes Kellett.

Enterprises should integrate "strong and well-documented" disaster recovery and business continuity planning in their data center strategy, advises research firm Gartner.

"The move away from a 'just-in-case' strategy to making BC and DR a part of continuous data operations will reduce cost and potentially improve agility," explains Gartner.

This is one of eight areas Gartner advises enterprises to consider when developing a data center strategy. Another area is investment in operational process and improved tools for the data center, including enterprise security and data management solutions.

"Over the next five to 10 years most organizations will need to change their approach to previous data center strategies used in the last five to seven years, as most of the world comes out of recession and the Nexus of Forces (social, mobile, cloud and information) affects technology use," says Rakesh Kumar, research vice president at Gartner.

The other six data center strategy areas include deploying process, memory and power efficient technologies; moving toward a balanced architectural topology and delivery model; managing capacity growth through data analysis; planning for operating system and application changes; making consolidation and rationalization a continuous change program; and modernizing data center facilities.

"These eight critical forces are the major factors to consider when developing a data center strategy. Individually and taken together, they will determine the appropriate level of risk, cost and agility that data centers will carry and provide for the business.
This model should be the starting point for mid- and long-term data center strategy discussions," observes Kumar.