by Simon Edwards
The threat landscape can move pretty fast – often outpacing the ability of security professionals to keep up. The black hats always have the advantage of surprise. They’re more agile, and increasingly well resourced thanks to a darknet stocked with all the tools and techniques they need to launch attacks. Given the size of the challenge, one of the best chances we have of mounting an effective response is by sharing information. That can work well between organisations. But it can also be done very effectively between experts on the vendor side and security professionals.
That’s why we’re delighted that our VP Security Research Rik Ferguson will be on hand at Cloud Expo Europe in London later this month to share his wisdom on two of the biggest threats facing firms this year: ransomware and Business Process Compromise (BPC).
A tough year ahead
We all know the challenges facing organisations from ransomware. According to our TrendLabs 2016 Security Roundup, the number of new ransomware families discovered last year jumped a staggering 752%. That shows you the level of attention it was getting from the hacking community. And that’s understandable, given that so many organisations decided to go against all advice and pay up. Many deemed the hit to service levels simply too great to refuse, and risk losing mission critical data for ever. If one good thing is to come out of the ransomware epidemic of 2016, hopefully it is improved back-up processes.
Perhaps less well discussed last year is a threat we’re calling BPC. We’ve all heard of BEC – Business Email Compromise. Well, this is a similar threat, but one focused on business processes. As such, it requires a far greater level of sophistication, and a fair amount of reconnaissance and preparatory work to effect successfully. It requires the cybercrime gang to hack into its target enterprise and modify processes to enable large amounts of corporate funds to be transferred outside of the business. It may even involve specific modification of transactions to hide the heist from security and monitoring systems.
The most famous example of this came with the audacious cyber theft of $81 million from the Bangladesh Bank, but there are more. In fact, given the huge sums on offer, it is likely to gain in popularity until organisations implement the kind of application controls, endpoint protection and system monitoring tools that can help spot and block such threats.
At the show
Rik will be covering both BPC and ransomware in two separate presentations at Cloud Expo. Here’s a brief taste of what to expect.
Business Process Compromise Attacks – The Next Generation Threat to Your Organisation
This session will describe this new attack method and explain how cybercriminals’ understanding of how major institutions process financial transactions is being used increase their pay out. Rik will cover real-world examples highlighting how BPC works, such as the Antwerp Seaport shipping container system hack that allowed cybercriminals to reroute and smuggle drugs. These stories will help illustrate how enterprises with limited visibility business process risk can be easy targets.
(15th March at 10:25)
Countermeasures to Protect Against Ransomware
The ransomware epidemic is showing no signs of slowing down. We are not only seeing the surfacing of new families, but the commitment of malware creators to create continuous updates in previously-released variants. This session will look in detail at the aggressive nature of cyber extortion campaigns, what is driving this surge in ransomware and what organisations can do to better protect themselves at every stage of the attack lifecycle.
(16th March at 11:00)
We hope to see you all at the show.
What: Cloud Expo Europe 2017
Where: London Excel
When: 15-16 March 2017