In a business environment, the odds of someone encountering malware are extremely high. As one report revealed, 45 percent of Internet users came up against malware during last year alone. And these days, confronting a malicious strain can often be accompanied by significant repercussions. Among the most common consequences that occur as a result of a malicious infection are changes in operating system settings, unauthorized social media posting, data loss and information theft. For one out of three users who is infected with malware, that intrusion will lead to monetary losses.
"45 percent of Internet users came up against malware during last year alone."
Considering that almost half of Web users faced malware, it should come as little surprise that enterprises - which have networks accessed by many different people - are particularly vulnerable to intrusions. When a cybercriminal is attempting to breach a corporate network, he or she will typically hone in on the easiest target: individual workers. Often, a phishing scheme targeting a single employee's email account is all it takes for a hacker to gain access to an entire corporate network.
Unfortunately for businesses, malicious intrusions are not only growing more frequent, but they are harder to detect as well. As FBI supervisory special agent Timothy Wallach pointed out to attendees of Cloudsec London, confronting cybercrime is not optional for enterprises. In a world where cybercriminals "have moved from ego-hackers and script kiddies to sophisticated nation-state actors," it is an absolute necessity.
"Business IT leaders need to familiarize themselves with current strains of malware."
One important element of enterprise cyber preparedness is for IT leaders to familiarize themselves with the specific threats that exist currently. As the following hacking schemes illustrate, the criminal cybersphere is one that companies need to be very concerned about:
Back in 2014, Bryan Krohn, CFO of BitPay, received an email that appeared to be from a legitimate source, as The Atlanta Business Chronicle reported. Krohn, whose company was launched in 2011 and provides businesses with an easy and convenient means of accepting bitcoin payments, followed this supposedly legitimate email to a website, where he proceeded to enter his corporate email credentials.
But unfortunately for Krohn, the email he had received had come from a sender whose account had been hacked. Therefore, the information that Krohn provided fell into the hands of hackers, who then used Krohn's authentication information to steal upwards of $1.8 million from the business via the criminal transfer of 5,000 bitcoins.
This is the kind of phishing-based fraud that's being increasingly deployed by cybercriminals. But whereas phishing methods were once easily detectable, they can now be extremely difficult to distinguish from a legitimate email, which is how BitPay ended up losing around $1.8 million. Because cybercriminals often use phishing schemes to get passwords that they can use to enter corporate networks, one way to limit the efficacy of such intrusions is to implement enterprise-wide multifactor authentication, which adds an additional step of identity vetting to ensure that imposters can't easily breach privileged accounts.
Some companies rely on sandbox-based gateway appliances to guard against cybercriminals. But there's a new strain of malware that can reportedly bypass these defenses. According to The International Business Times, a recently-discovered malicious strain has the potential to surmount traditional gateway appliances thanks to the sophistication of its design. The fact that such a malicious strain is out there should impel businesses to consider more robust systems of protection, said Sanjay Katkar, CTO of the security firm that discovered the malware.
"Our initial findings have taught us that even the most advanced sandbox-based appliance protection can be breached," Katkar said of the malware, which has been dubbed APT-QH-4AG15. "As a result, enterprises need to consider and implement multiple layers of protection to safeguard their networks."
There have been many crimes committed against the stock market, but only recently have those criminal incidents taken on a cybercrime element. In early August, nine individuals were charged in a cyber-fueled insider trading scheme that involved traders forwarding unpublished stock-focused press releases to hackers, who would then carry out trades based on this advanced data, as The New York Times reported. What makes this incident notable is that it reveals how a time-worn criminal practice - insider trading - can merge with a comparatively new one: cybercrime.
"This is the intersection of hacking and securities fraud," U.S. Attorney Paul Fishman stated at a press conference about the incident. "The hackers were relentless and patient."
In a recent development in the case, a group involved in the scheme - Jaspen Capital Partners, whose CEO is Andriy Supranonok - will be paying a $30 million fine as punishment for the roughly $25 million they are accused of reaping via the scheme. But Jaspen Capital represents only a part of the total number of culpable parties. All told, a reported 34 people participated in the scheme, and ended up making more than $100 million through their crimes. As the trials for those involved play out, it will be important to examine the case as a model for an evolving crime type - one that must be combated.
In the enterprise realm, one fact many businesses overlook is that malware is a problem for all enterprises, no matter what industrial sector they're in. In the second part of this piece, we will highlight some industry-specific malware strains to show that enterprise security is imperative for every type of organization.