by Bharat Mistry
Another week, another data breach – or rather, another four. All the cyber security chatter over the past few days has been around revelations of historical mega breaches at some of the world’s best known web companies. And while it shouldn’t be surprising that big name firms are still getting breached – albeit tech companies that should really know better – it’s concerning that some apparently lacked the visibility to realise until years later the sheer scale of customer data theft from their organisations.
The incidents raise rather fortuitously some key points around layered threat prevention, vulnerability protection and breach reporting which Trend Micro will be discussing at length at Infosecurity Europe 2016 next week.
What went wrong?
It’s still not 100% clear how the bad guys managed to breach the four web players in question: LinkedIn, Tumblr, MySpace and Fling.com. Troy Hunt, who runs the Have I Been Pwned site, has seen huge data dumps from the four on underground sites being sold by the same actor, peace_of_mind. This, along with the fact they all seemed to appear on the darknet at around the same time, even though the incidents apparently occurred at different times and at least three years ago, would seem to indicate some link.
What more is in store that we haven’t already seen? And for that matter, even if these events don’t all correlate to the same source and we’re merely looking at coincidental timing of releases, how many more are there in the “mega” category that are simply sitting there in the clutches of various unknown parties?
It’s an interesting point. And given what we know about the preparedness of many organisations to deal with cyber attacks, there will certainly many more to follow. But while these breaches spilled details on hundreds of millions of users, the same threats face organisations all over the UK no matter what their size. Whether it’s a targeted attack using covert malware to bypass traditional defences and silently exfiltrate data, or a more simple exploit like an SQL injection attack of the sort that apparently led to the TalkTalk breach – risk could be managed and mitigated much more effectively via some simple steps.
Time for layered defence
At Trend Micro we believe in layered defence built around three main pillars:
Hybrid cloud – we offer tight integration with AWS, Azure and VMware to deliver complete protection across physical, virtual and cloud environments, all from a single product
Network defence – advanced sandboxing and monitoring across physical and virtual network segments, all network ports, and over 100 network protocols to identify ransomware, targeted attacks and more
User protection – with BYOD, virtual desktops and more, endpoints are multiplying across the organisation, leading to security gaps. We offer user-centric visibility and control through a single console across all endpoints
We’ll be at Infosecurity Europe to discuss the layered security approach in more detail on Stand D25, so come down to find out more. Crucially, with these tools in place, organisations aren’t just better placed to defend against attacks, but they should never find themselves in the same position as the likes of MySpace and Tumblr, who were in the dark for years before they found out that they’d been breached on such a massive scale. It’s all about improving visibility with centralised control.
But there’ll also be a host of Trend Micro experts at Infosecurity Europe talking about many of the issues raised by the recent spate of breaches at the likes of LinkedIn, MySpace and others.
Our CTO Raimund Genes, for example, will be taking part in a panel debate on Wednesday entitled: State of Vulnerabilities, Exploits and the Best Practices for Prioritising Remediation. Vulnerabilities are a growing area of concern for CISOs and one of the key weak points in any organisation exploited by cybercriminals to get inside networks. With over 6,000 new bugs set to be made public this year, this keynote will share some vital best practices to improve remediation and reduce risk.
Meanwhile, Trend Micro VP of Security Research and Europol Special Adviser, Rik Ferguson, will share his expertise on why organisations need to prioritise incident reporting in a Thursday keynote entitled Fostering Better Engagement Between Business & Law Enforcement to Effectively Respond to Cybercrime.
Hope to see you at the show. If you’d like to schedule a private meeting with one of team please email firstname.lastname@example.org
Infosecurity Europe, London Olympia, June 7-9