By the DynaSis Team
Cybersecurity, already a hot topic in the news, has moved to an even brighter spotlight now that the presidential candidates are discussing it. The merits of their positions are not for us to debate here. However, their actions underscore the idea that cybersecurity is an issue of concern to the citizens who might vote for them.
Statistics support this viewpoint, especially among the small and midsized business (SMB) community. In May, 2015, Endurance International Group (EIG) released the results of a survey that indicated 81 percent of SMB owners have cybersecurity concerns. Even more (94 percent) “often think” about online security. This is good news, given that SMBs are prime targets. A Verizon study found that organizations with 11-100 employees are 15 times more likely to have their security defenses breached than organizations with more than 100 employees.
Unfortunately, the EIG survey also contained some deeply worrisome statistics. Researchers discovered that 94 percent of SMB owners don’t have cybersecurity insurance. Eighty-three percent handle cybersecurity themselves, often because they don’t think they can afford to employ IT support staff or contract for managed IT services.
In reality, the risk of being breached has become so great that no business can afford not to engage professional help. Attack vectors are evolving so rapidly that it is impossible to avoid them completely. Multi-national, billion-dollar corporations work to manage risk with layers of protection that close security holes, remove or clean infections, detect and stop malicious activities, and provide other lines of defense for corporate systems.
As we head into 2016, we hope all SMB owners will embrace this approach and take action to fortify their companies’ defenses. There simply is no “silver bullet” for security. No single solution will protect a firm. Companies must use a multi-layered approach in order to mitigate threats. Beginning with our first January article, we will be covering various aspects of cybersecurity to help educate our readers regarding this daunting but critical task.
Cybersecurity is complex, and it deserves everyone’s full attention. To ignore it is to accept the consequences of a breach. For an SMB, such an event is almost always financially crippling. In 60% of cases, it will destroy the business within six months.
By the DynaSis Team
[featured_image]In late 2013, Internet security firm Fireeye released some disturbing news. Their research had uncovered evidence that a string of sophisticated, seemingly unrelated malware attacks had a common origin. Fireeye referred to the effort as a “broader offensive fueled by a shared development and logistics infrastructure.” In other words, multiple criminal entities and operations were working together, pooling and sharing resources and logistics to make it easier and more efficient to develop and launch highly sophisticated but distinctly separate attacks.
Fireeye dubbed the large operation, which provided the framework and resources for at least 11 separate malware campaigns, the Sunshop Campaign. All 11 of the attacks were built on the same infrastructure of malicious services and applications, including shared malware tools, code, timestamps and digital certificates. This “malware supply chain” supported a centralized planning and development effort, operating in much the same way as a large manufacturing facility―or a multi-player, organized crime ring.
The idea of advanced, highly organized and well-funded groups working together to make their efforts even more streamlined and effective should cause any IT security expert to shudder. It certainly got our attention here at DynaSis.
Malware attacks being masterminded by criminal organizations is nothing new, but security experts have always assumed most of them worked largely in isolation. The fact that they have decided to team up, sharing their best minds and practices to achieve an even more deadly and ruthless result, is positively horrifying.
It’s one of the reasons DynaSis has been emphasizing the importance of cyber security so much and so often, of late. It’s also one of the reasons we launched our enhanced anti-malware and spyware service earlier this year. This state-of-the-art anti-malware/spyware solution not only roots out and blocks known menaces but also works to identify “zero day” attacks― assaults that exploit unknown vulnerabilities in computer applications before researchers identify and write code to plug them.
It’s exactly the type of protection everyone is going to need in the brave new world where malware “factories” with sophisticated supply chains may well become the norm. To learn more about the current malware landscape and why we are so concerned about it, or to explore the specifics of our new malware service, fill out our inquiry form or give us a call.