January 1, 2017 is fast upon us, which means it’s the time of year to think back on the knowledge gained these past 12 months and gear up for what’s to come next. In the cyber-security world this is especially important. If we don’t pay attention to emerging trends and emerging attacks, we’ll invariably see the same breach headlines we read in 2016. This thought rings especially true after rereading the 2016 Verizon Breach Report. This report was another reminder that relying on malware detection through traditional antivirus alone can lead to devastating consequences.
Let’s dive into a few key points from the report to understand the threats posed, the implications, and what Carbon Black can do to help.
Shifting Patterns in Incident Classifications Are Not All They Seem
Let’s focus on a specific section of the DBIR that highlighted the percentage of each major incident and breach classification across various industries.
Though “Denial of Service” weighed heavily across most industries when it came to incidents, the breach totals tell a more varied story. What was interesting about this data was not the totals of 2015, but the deltas from the year prior. Many industries saw a significant rise in web-app attacks and a drop in crimeware.
The DBIR authors are quick to point out that this does not necessarily have to do with the effectiveness of one attack over the other. Instead, it has to do with the interrelated activities of criminal organizations. Most notably, attackers hit your neighbor with one type of attack (such as a new variant of malware) and turn around to continue the attack on you (with, say, stolen credentials to critical systems). Suddenly, the attack surface is no longer confined to just your network, and you become susceptible to the effects of a successful malware attack without a single new file dropped.
It shouldn’t come as a surprise that the weakest link in your security program may belong to some other organization entirely. Take Target for example. The point of entry for their massive customer data breach started within the company that supported their HVAC systems. The attackers gained a foothold within a network totally out of the control of Target’s security team, and they took advantage of secure connections between the two companies to complete the attack. As far as Target was concerned, no malware was used to gain entry, but if you look at the entire attack chain across both companies, a different, more severe story unfolds.
Combating Non-Malware Attacks
As you finalize 2017 infosec budgets and figure out the overarching strategies you’ll use to protect your environments, it’s important to remember that these kinds of sophisticated attacks, those that leverage multiple organizations to achieve their ends, are on the rise. It will take a concerted effort to combat them, one that involves better planning, more informed people and cutting-edge technologies.
Cb Defense, Carbon Black’s Next-Generation Antivirus (NGAV), is designed to stop both commodity malware and non-malware attacks. We’re partnering with the best minds in the industry to help you keep up with the rise of these increasingly popular attacks, especially non-malware attacks.
Join us as we discuss the latest trends in endpoint security, the effectiveness of NGAV and get a view into the results of multiple Forrester research projects at this upcoming webinar: