by Ross Dyer
UK law enforcers were in celebratory mood last week after a major co-ordinated strike against cyber criminals across the country. In total, 57 suspects were arrested in 25 separate operations nationwide for a range of offences, from DDoS to phishing and online fraud to malware distribution. One suspect was even arrested on suspicion of hacking US Department of Defence systems.
Any operation designed to strike against those who make the internet less safe for ordinary computer users should be applauded. But it should also encourage us to redouble our efforts at strengthening corporate systems against attack. After all, by the time the police get involved, the damage has usually been done.
Cyber Crime Strike Week
Last week’s efforts were a major PR success for the UK’s National Crime Agency (NCA) – the body that co-ordinated law enforcement, industry and government to make the arrests possible. Not only was the so-called “strike week” geographically wide in scope, covering England, Scotland and Wales, but it also spanned a broad range of related offences. The large amount of publicity given to the operation by both the trade and mainstream press should remind anyone thinking of pursuing a career in cyber crime that the internet does not provide the cloak of anonymity it once did.
Of course, online crimes are still relatively difficult to track, especially with the advent of strong encryption and services like Tor which help to hide the identities of those involved. But given the number of stories we hear on an almost weekly basis – of shadowy cyber gangs making off with millions after launching untraceable attacks – it’s nice to redress the balance a bit.
Even more heartening was the related news that 10 Regional Organised Crime Units, as well as police in Scotland and Northern Ireland, visited 60 businesses with “personalised security data reports”. With this key threat intelligence these organisations can now clean up their servers – reducing the propagation of malware, spam and phishing attacks.
Prevention better than cure
But while this is all to be applauded, it should also be a reminder to organisations of the dangers they face from online crime. Whether it’s scammers looking to phish your customers and commit ID fraud; cyber criminals hoping to steal IP or sensitive customer data via targeted attacks; or even hacktivists looking to make an example out of you by taking you offline with a DDoS, the threats are everywhere.
No matter if you’re a large enterprise or an SMB, there’s a clear and present danger of compromise today. In our 2015 predictions report, The Invisible Becomes Visible, Trend Micro anticipated the next 12 months will bring “bigger, better and more successful hacking tools and attempts”, as well as an increase in targeted attacks, vulnerability exploits in open source apps, and financially motivated threats.
So while we should applaud the NCA’s work, we should also remember that the best way to fight cyber crime is to prevent it happening in the first place, with a comprehensive, well-thought-out information security strategy.
A few tips
This is in no way an exhaustive list, but some of the basics should include:
- A strong user education/awareness program for staff – regularly communicated and refreshed
- Anti-APT and targeted attack tools which can spot advanced threats
- A comprehensive endpoint security suite covering physical and virtual endpoints and mobile
- Up-to-date software patches on all key systems. Vulnerability shielding will buy you more time if you’re suffering from patch overload
- Strong encryption for data at rest and in transit
- SSL Extended Validation and daily malware scans to secure your public-facing website
- Comprehensive network security including anti-DDoS, IDS/IPS, firewalls, AV etc