SOLUTION BRIEF
Recent Trends in Crimeware
90% of All Reported Security Incidents are the Result of Human Error – National Strategy, Roles, and Responsibilities Need to Be Better Defined and More Effectively Implemented, GAO
What is Crimeware?
Crimeware is “a type of malicious software designed to carry out or facilitate illegal online activity.” It attacks servers, workstations and browsers. It can steal credentials (usernames & passwords) and identity information. It can install backdoors into your system and allow unauthorized remote access to your network.
Crimeware is divided into four general categories:
1. Virus: Malicious code that attaches to existing programs – Requires end-user interaction
2. Worm: Self-propagating malicious code exploits weaknesses due to lack of patching in your systems and applications – Acts on its own
3. Trojan: Malicious code that misrepresents itself – Usually requires end-user interaction
4. RootKit: Collection of malicious code that deeply infects, hides, provides remote access, can change over time – Acts on its own or requires end-user interaction
In 2014:
23% of recipients opened phishing messages – Verizon DBIR
11% clicked on attachments – Verizon DBIR
78% of observed phishing emails were IT- or security-related, often attempting to impersonate the targeted company’s IT department or an anti-virus vendor – M-Trends 2015: A View From the Front Lines
What does this mean?
It only takes one click by one user for a malicious entity to gain access to your company’s entire network. But it’s not people in your organization that are the primary problem. Lack of adequate TRAINING & EDUCATION is the issue!
1-800-843-8733 LearningTree.com © Learning Tree International. All Rights Reserved.
To combat this, companies should develop robust and well-practiced Threat and Vulnerability Management Programs that aid:
• Timely identification of vulnerability disclosures and vendor supplied fixes, including loud and clear communications to potentially affected staff
• Timely testing, validation and deployment of patches to affected systems and software
• Timely implementation of interim risk mitigation techniques
• Targeting of specific workstation operating systems, browsers, add-ons – in addition to server O/S and applications and other infrastructure
• Implementation of multi-factor authentication as a standard practice
“There are two kinds of big companies in the United States. There are those who've been hacked ... and those who don't know they've been hacked.” – James Comey, Director, FBI
A New Way of Thinking
There are several ways that you can address crimeware concerns to mitigate risk to your organization.
What can be done?
1. Regular communication to your staff on the latest threats, hacker techniques, schemes and scams will allow continual defense against crimeware.
2. Constant configuration monitoring, testing, and review of both internal networks and your external perimeter is necessary to make sure these environments are not experiencing any unauthorized change.
3. Scheduled collection and analysis of threat intelligence designed to highlight specific Indicators of Compromise (IoCs) can quickly assist in the identification of a malicious presence.
These steps help maintain a secure network but ultimately it’s staff training and education in Threat and Vulnerability Management, Anti-Phishing, and Security Awareness that will mold the thinking process of your employees to always be analyzing their actions in a security context.
Learning Tree offers 30+ Cyber Security courses including 40+ Certifications aligned with the National Initiative for Cybersecurity Education (NICE) framework. Take the first step toward effectively defending against cyber security threats by visiting LearningTree.com/CyberCert