An operation Aurora looting intellectual property from Google, Adobe and Microsoft, $1,109,790 stolen from many firms at UK, Zeus Trojan packs for personalized malware available at $700 online, 92 percent of MNCs experiencing a malicious security breach at some time according to Pricewaterhouse Coopers and the question – are enterprises prepared for new generation cyber attacks?()
Gone are those days when cyber attacks were an issue of unease only to the government and military. Increased use of internet-enabled devices in the workplace has paved way for big time cyber attacks in enterprises by a better resourced and sophisticated breed of cyber criminals. One of the main reasons why businesses have become more vulnerable is the proliferation of new technologies and the growing dependence on IT. A research carried out by Accenture showed that 73 percent of organizations believe they have adequate policies in place to protect sensitive information, yet more than half have lost sensitive data within the past two years. Alarms started off in mid-December, when Google detected a highly sophisticated and targeted attack on their corporate infrastructure originating from China that resulted in the theft of intellectual property. Much to their woes, it was not constrained to China but went on to access Gmail accounts based in U.S. and Europe. Infiltration happened through accounts of human activists in China but was identified to have aimed not just Google but twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors. It was followed by a recent hacking of Ford Motor Credit Co.’s computer database that illustrates the potential loss and devastation present in cyber-risk. Entering through a database operated by credit-reporting agency Experian, hackers downloaded the Social Security numbers and addresses of 13,000 customers.
To add to the story, Cyber attacks are on a rampage with applications like Adobe Flash, PDF or Internet Explorer frequently targeted by attackers. Adobe, which had to face the music this time, saw a top web-based attack from April to June, related to malicious PDF activity, which accounted for 42 percent of total attacks. Over the past four months, an average of 130 instances of malware were found every day simply by searching for content on popular, “trending” topics via Twitter, Google, Yahoo! and Bing.
According to the Security Tracking Study carried out by the Ponemon Institute in August this year, 83 percent of multinational companies believe they have been the target of a cyber attack over the past 12 months. A Cyber security survey by Narus says more than 71 percent of respondents are concerned that their company is not equipped to protect itself from cyber attacks; approximately 88 percent think the government is not equipped to protect itself. The survey by Narus proposes a ‘cyber security ecosystem’ to tackle this issue. Realizing that one company cannot possibly offer technology and services to cover the vast needs among organizations, cyber security vendors must cooperate with each and form a “cyber security ecosystem” and to offer more value to their customers. Improvement of areas like security training, awareness and comprehension of threats by executive management and security audits can also tackle cyber terrorism to an extent.