- Cyber threats growing more complicated, no single addressable solution
- Challenges demand combination of technology, intelligence response
GLOBAL security company, Kaspersky warns that the cyber-threat landscape is growing increasingly complex and companies need to do more than merely defending the corporate network perimeter.
While it is important to protect their boundaries from generic attacks businesses also need to be able to detect targeted or advanced cyber attacks that are in progress.
“Financial institutions are big targets for cyber criminals these days and they can expect more direct attacks on them,” explained Oleg Glebov (pic, above) solution business lead Kaspersky Lab about the rising threat trends in the Asia Pacific region.
The claim is backed by a report from CyberSecurity Malaysia confirming the exponential rise of cyber security cases with 11,900 in 2015 alone compared to 10,636 cases in 2013.
Last year financial institutions around the world faced an unprecedented scale of attacks by an international cybergang called Carbanak where US$1 billion was stolen over the course of two years using a variety of methods that included compromising the bank’s ATM system.
“For cyber criminals, they will attack assets that are not well protected and use ATMs machines to dispense cash at scheduled times where an accomplice waits and collect “clean” cash without the bank knowing,” said Glebov during a recent Kaspersky briefing in Kuala Lumpur
The second big attack trend is against big enterprise markets where uniquely crafted attacks that target the company specifically are employed.
“Even if a company spends on security and has a good solution, it would not be able to protect against this kind of attack as it is very unique. This happens all over the world though it is not a big trend here yet because cyber criminals don't have an interest in the region. But definitely, this problem will be on the rise here,” he warned.
While such software attacks are on the rise, there is another equally alarming software issue – organisations lack trained and qualified IT and security staff.
“Many big organisations and even governments have become reliant on security providers to do all the protection for them. But as cyber threats become more and more sophisticated, using one single solution is not enough,” contends Mikhail Nagorny (pic), head of security services, enterprise business at Kaspersky Lab.
“You need to rely on strategy first and not technology. There is no artificial intelligence that can help do everything for you,” cited Nagorny.
Kaspersky Lab believes that these challenges, unlike more traditional cyber-attacks, cannot be addressed through a new technology or product, but demand for a combination of technology and intelligence.
To this end, Kaspersky has introduced two security solutions called Kaspersky Anti Targeted Attack (KATA) Platform and Kaspersky Security Intelligence (KSI) Services.
Kaspersky said the KATA platform enables businesses to detect targeted attacks and other malicious actions through careful monitoring of network activity, web and email. Suspicious event are processed via different engines including an Advanced Sandbox and Targeted Attack Analyzer for a final verdict.
Meanwhile, the KSI service is designed for large organisations, governmental agencies, ISPs and telecoms to cover areas like penetration testing and application security assessment, cybersecurity training and threat data feeds and botnet tracking and intelligence reporting.
“We have a plan to the end of 2018 to build a full coverage platform designed to protect, detect, respond and predict. We plan to cover all these steps together within the technology and services. That's our ideology,” he shares. “We want to share our knowledge and start early detection.”
The high cost of the IT security talent shortage
Cybersecurity savviness: Malaysians fare badly in 16-country Kaspersky survey
SEA not ready for a cyber-attack … nope, not really