Anti-virus companies have identified a new trend: criminals are increasingly using open source software instead of developing or purchasing their own malware. Kaspersky Lab recently revealed several cyber espionage campaigns that operate according to this model. These free toolkits, originally designed for security testing, contain many tools that criminal hackers can also use for their own purposes. Even more conveniently for hackers, these tools are also developed and maintained by the open source community for free.
For many years, industries like oil and gas, electricity, agriculture and utilities have relied on operational communications infrastructure outside the main corporate network to collect data and provide supervisory control. These are known as Supervisory Control and Data Acquisition (SCADA) systems; the data they collect leads to efficient allocation of resources, supports monitoring of safety conditions and improves operational decision-making. But now, with the emergence of Internet of Things (IoT) technology, industrial organizations are eager to deploy new wireless machine-to-machine (M2M) devices to collect even more data from field assets in remote, geographically dispersed locations. The number of sensors and data points in industrial networks looks set to multiply exponentially overnight. As a consequence, there will be more access points than ever before. Security, therefore, will be an important factor in determining the overall success of IoT deployment.
Ransomware is the latest trend in criminal malware. It infects computers, encrypts data and demands a ransom payment in the form of bitcoins. The encryption is so strong that it has not yet been circumvented. Locky and other ransomware have the potential to become much more than an annoyance.
Recently, one case was reported where patient data was encrypted at a hospital. That might seem bad enough, but what would happen if computers that control medical devices were infected by the virus and showed a ransom letter instead of doing their job? Documents, photographs, films and other personal data are usually the prime targets for encryption rather than system files and applications. However, databases and license key files have also fallen victim to unauthorized encryption.
Over the last few years, gleaning useful information from massive amounts of data has also become more difficult for IT security, and approaches to Big Data and information analysis are a critical topic in this sector. The number of users, end devices, applications and log files is constantly on the rise. At the same time, attackers are becoming more sophisticated and professional while constantly adapting their strategies. Companies are now facing a completely new level of risks and challenges to their IT security operations.
Frequently, companies have more than enough data on security events, including successful penetrations and potential vulnerabilities. Enormous volumes of data are generated by network components, storage systems or applications. Security threats buried among this data must be taken seriously; however, attacks often remain unnoticed or are not discovered in time due to a lack of structured data. Analyzing and interpreting this data and deploying a rapid response is almost impossible without specialist software.