How secure is your corporate computer network and sensitive information? According to the RSA on cybercrime, “88% of Fortune 500 companies have compromised PCs running Trojans in their environments.” The primary objective of these Trojans is to collect sensitive corporate information which can be used to steal money or sold on the black market to other cybercriminals.
Most corporate IT departments build a secure barrier around their computer networks to prevent network intrusions and malware infections. Unfortunately, once a hacker penetrates the security barrier most corporate servers have little to no antivirus protection. Cybercriminals know that corporate firewalls and other traditional security perimeters are difficult to penetrate so hackers primarily focus on infecting the end users laptop, desktop, or portable devices. These devices tend to be more mobile, less secure, and have sensitive corporate information stored directly on their machines in unencrypted formats.
Sophisticated email attacks and infected websites are the most common methods used to spread malware by exploiting vulnerabilities in third party software applications like Microsoft Office, Adobe Flash/Reader, Sun Java, Real Player, iTunes, Apple QuickTime, Web Browsers, and Operating Systems. According to Kaspersky Lab’s, in 2010 they detected over 119 million malware hosting servers and 8 out of 10 emails sent daily contain malware.
Unpatched software applications and operating systems can allow cybercriminals to infect machines. To complicate matters, the end user does not have to open an attachment or click on a link to become infected. Simply visiting an infected website or displaying an image online through a search engine or email message can infect your system and spread to other internal computers and servers. The infected systems are often used to monitor network traffic, collect sensitive data, and send information back to cybercriminals.
Layered strategies of protection need to be employed and monitored. Top down enterprise risk assessment is a key tool since antivirus protection can be subverted. Cybercriminals often use Rootkits to hide malicious malware from the end user, operating system, and antivirus software. Rootkits are sophisticated programs that hide in secret locations. Especially prevalent are boot viruses (form of rootkit) which load before the operating system and work within the boot sector to take complete control over the system during the boot process. Once a system is compromised, the majority of antivirus software on the market today is unable to detect and/or remove the infection. There are some specific tools and methods available to detect and remove both rootkit and bootkit infections.
Our team of IT professionals can analyze your network security and recommend strategies to improve security and keep your valuable corporate information safe. Contact HRMSI to discuss the impact of cyber security on your entity. We have a multi-disciplinary network of professionals who can assist you. Contact us at (630) 243-0117 or MFischer@riskinc.net.