New Zealand businesses cannot rest on their security laurels. Just because we are a small country, it does not mean we are immune from serious cyber attacks.
And such attacks could very well occur this year, as cyber criminals increasingly have their eyes focused on the serious money.
This is the warning issued by IBM last month with the release of its latest annual Global Business Security Index Report.
The report predicts a global rise in professional, organised attacks to extort, steal or obtain money using established methods and also through more targeted attacks.
IBM’s local security practice leader, John Martin, says cyber crime evolved last year with those seeking simply to disrupt IT systems being overtaken by professional criminals looking to make serious money.
“There has been a general trend of professional virus and spyware writers effectively taking over from previous amateur attackers,” he says.
“Professional people are dedicating their efforts to criminal elements and find they can make real money from internet attacks.”
Local businesses may not escape their advances, Martin warns. And cyber attacks will become more difficult to counter as they will be smaller, stealthier and more targeted in order to attract less attention, unlike high-profile attacks of the past, such as Blaster or Sasser, he says.
Botnets, networks of compromised or zombie machines controlled remotely for malicious purposes, will therefore become smaller and more difficult to track down, says Martin.
The IBM report says botnets will continue to represent one of the biggest threats to the internet. But this is just one of the methods criminals are using to gain potentially lucrative information, the report states.
Blended threats making up a cocktail of spyware, such as keyloggers or Trojans, as well as phishing attempts and spam, will all continue to cause trouble this year, as will an increase in the number of wireless-enabled devices.
“There are so many different ways a system can be compromised and so many conduits through which an attack could be mounted,” says Martin.
To stay protected users need to keep firewall and antivirus software updated with the latest threat signatures, keep machines patched, and deploy additional layers of protection, such as antispyware, he says.
The Global Business Security Index Report is compiled by IBM’s security and intelligence team, based in Denver, Colorado, with input from units around the world including New Zealand, where the company’s Asia-Pacific security operations centre is based.
IBM predicts this year’s cyber crime trends:
· Smaller, stealthier and more targeted attacks will continue to net criminals and spies the information they need.
· Botnets will continue to represent one of the biggest threats to the internet, but newer botnets will have smaller cells and more sophisticated command and control systems.
· Computer users will continue to be the easiest attack vector and miscreants will focus more efforts on convincing users to execute the attack on an attacker’s behalf instead of wasting effort in lengthy software vulnerability discovery.
· Leaking of confidential data via email, mailing lists, newsgroups and websites will continue, while the increased use and popularity of collaboration tools, such as blogs, will increase