Designing Security Measures for a New Era, From Scratch
Cyber attacks are a constant threat these days, with many businesses falling prey to criminal attempts to access and steal confidential information and money. We have been using information learned from these cyber attacks to develop new security measures that help protect your business.
Risk of Targeted Attacks is Growing
Malware first appeared in the mid-1990s and early 2000s, as the Internet gained wider adoption. This early malware was developed to show off the creator's technical skills and to cause as much disruption as possible. However, in the latter half of the 2000s, malware began to change. Instead of simply causing disruption, malware was developed to steal online banking credentials and gain access to bank account funds. The development of bots, another type of malware that allowed remote access and operation of infected computers, enabled criminals to send huge amounts of spam email and gain access to private information. Malware was increasingly associated with illegally gaining access to money online.
Malware attacks were not only aimed at individuals but also at businesses and even at entire countries. These highly targeted attacks began to attract a lot of attention. Specific businesses were targeted with malware that was unknown to anti-virus software, giving the attackers access to internal systems and confidential information. In 2011, it was discovered that the Japanese defense industry was subject to a targeted malware attack.
There are many different types of targeted attack, but one example is sending emails designed to look like they are from a customer or colleague. A URL in the main body of the email infects the system with malware when clicked. The attacker can then remotely operate the malware-infected computer to access and steal confidential information saved on company servers.
Ransomware – The Scourge of Businesses
Recently, there has been a proliferation of crimes using a form of malware known as ransomware. Ransomware encrypts files saved on infected computers, rendering the content of those files inaccessible. The attacker is then able to hold files hostage. The target of the attack must pay a ransom to restore access to the files.
Ransomware uses legitimate encryption techniques against the target of an attack. Encryption was developed to prevent information leaks. Once a file has been encrypted, its content cannot be accessed unless the user knows the decryption key. Even if a third party got hold of an encrypted file, the content could not be accessed without the decryption key. Ransomware allows criminals to use this same mechanism to extort money from the target of the attack.
DDoS attacks have harmed a great many companies
A distributed denial of service (DDoS) attack involves an extremely large number of access requests to an online public server coming in at the same time. This causes the server to become inaccessible. This attack renders servers inaccessible by the public. Services like e-commerce sites can suffer lost business while the attacks are taking place.
In one instance, the website of a major manufacturer was rendered inaccessible for as long as a week. The company announced publicly that it had been the target of a DDoS attack and relaunched later with improved security measures in place. This attack was thought to be carried out by hacktivists, a term given to groups and individuals who carry out cyber attacks to raise awareness about issues they feel are important.
Time to Upgrade Security Measures
Anti-virus software and firewalls are good security measures and can prevent conventional cyber attacks. However, cyber attacks evolve on a daily basis. It is likely that products and services used in the past will not be sufficient to protect against future attacks.
Cyber attacks on public servers
What are DDoS attacks?
A large volume of access requests to the server come in at the same time, causing the website to crash.
Unauthorized access to websites
The attacker gains unauthorized access to servers using vulnerabilities in the system. They then use this access to steal private client data, etc.. This kind of attack can significantly damage a company's brand. It can also lead to situations where significant compensation has to be paid to the victims of the data breach, severely impacting the company's ability to continue operations. Measures need to be taken for this as soon as possible.
Malware (ransomware) and targeted attacks
What is ransomware?
Encrypts files on infected computers so that the owner cannot view or access them.
What are targeted attacks?
Targeted attacks generally consist of malware-infected emails, made to look as though they were sent by a client or customer. If a link or file contained in the email is opened, the malware infects the user's computer. This allows the attacker to remotely access the company's internal systems and steal confidential information.
* A command and control (C&C) server is a server which acts as the control tower for cyber attacks
NTT Communications Global managed security services
Our WideAngle global integrated security service is built on 25 years experience providing risk management services to over 8,000 customers, worldwide. We offer a combination of professional services, security solutions and managed security, powered by a security information and event management (SIEM) engine.
Content Delivery Network (CDN)
Content Delivery Network (CDN) service uses a performance-optimized network of cache servers to send web data to your end-users from geographically optimal network locations. This eases demand on your web servers and increases overall system performance.
Total Security Package
Three types of security packages are available in NTT Com (Thailand).
Virus Scan Services
NTT Com (Thailand) provides system integration of virus scan solutions and virus scan management service to protect your PC network environment from computer virus.
Issues facing today's IT operations and maintenance teams