Security is becoming an increasing issue for all businesses and it is constantly making news headlines. Businesses need to pro-actively plan their security to ensure that the rising levels of cybercrime don’t affect them.
According to the 2015 Dell Security Annual Threat Report, in 2014 the retail industry was subject to many of these attacks, with companies such as Home Depot, Target and Staples all becoming targets of credit card data theft. Their customers were exposed to possible fraudulent purchases or identity theft. Target in particular had 40 million card numbers stolen.
The question of course is how this is still able to happen when there is legislation in place to control this. The answer is that security breaches can still occur through inaccurately trained employees, lax firewall policies, reliance on single lines of defence and poorly integrated products. Overall, the suggestion from Dell is that end-user education is essential. All of these sources of weakness are the result of human error. It is essential that businesses do not sacrifice security for performance. It should always be the number one priority.
The 2015 Dell Security Annual Threat Report also discusses the issue of hackers exploiting encryption. Websites are increasingly using encryption to provide privacy and security for their users and this is enabling hackers to hide in plain sight. Hackers use the encryption to hide malware from firewalls and infect computers through the likes of advertisement banners.
The report also highlights the emerging problem of smartphone malware. It has long been an assumption that opening an email on your phone is safer than doing so on your computer because it cannot be infected. This is not the case. Smartphone malware is increasingly becoming as sophisticated as it would if it infected your desktop. One such case is AndroidLocker which displays a message on your device masquerading as the FBI warning you about storing or viewing pornography. The message came along with a ransom note demanding you pay a fine or you would face criminal charges.
The report concluded that there was 9400 new vulnerabilities within technology and two thirds of them were related to network attacks according to the Common Vulnerabilities and Exposures System. It is essential that businesses maintain multiple layers of security and have numerous methods for preventing and responding to attacks on their network. It is important that there is continuous security awareness training for employees and that software and firewalls are always up to date. With constant vigilance and the right technology we can overcome cybercrime.