Today: June 24, 2018, 1:47 am
Computer & Technology

Exploiting Data Breaches by Michael Marriott, Digital Shadows security expert

Comment Article by Michael Marriott, Digital Shadows security expert
Michael Marriott, Digital Shadows security expert
Michael Marriott, Digital Shadows security expert 2017-06-08 07:16:34
High profile data breaches are regularly in the news and, seemingly, businesses and are losing the battle to protect their intellectual property (IP), corporate, and customer data from the threats posed by professional cybercriminals.

It is no surprise that financial gain is the single biggest motivator for cyberattacks. The 2016 Verizon Data Breach Investigations Report highlighted that financial gain and espionage accounted for more than 89% of all data breaches they studies. Financial gain was by far the biggest single reason for attacks, beating espionage and all other objectives into a distant second place.

This is big business for cybercriminals.

To deal with the threats posed by these breaches, organizations, have to get on the front foot when protecting their intellectual property. Firstly, by identifying the location and protections around critical IP, secondly keeping a watchful eye on the types of attackers and the methods they might use to obtain it.

But despite the excitement, which is often rightly directed at new viruses or malware or attack techniques, it is exploit kits that remain one of cybercriminals’ most reliable and trusted delivery mechanisms to embed malware and conduct malicious activity. And, even as an exploit kit gets shut down, others pick up the slack and continue to deliver their payloads.

Our report, “In the Business of Exploitation”, found that the vulnerabilities exploited by the top 22 exploit kits showed that Adobe Flash Player was likely to be the most targeted software, with 27 of the 76 identified vulnerabilities exploited taking advantage of this software.

Understanding the most commonly exploited software, and the most frequently targeted vulnerabilities, can aid in mitigating the threat posed by exploit kits and prioritizing their patching.

To protect their IP it is critical that a company evaluates their security using the perspective of an attacker, which helps prioritize the work to address potential vulnerabilities. This could involve looking at where their organization is exposed on social media sites, points of compromise, and looking for evidence of previous attacks across the visible, dark, and deep web. The military use the term situational awareness, and we believe that it is useful for companies to use this approach when considering their cybersecurity controls.

Companies can therefore remain quick to respond to incidents and limit the consequences of any potential breach. That way they can remove information from public view by issuing takedown requests as soon as an organization finds its information being shared advertised or sold on the web. Similarly, by knowing what information is compromised, passwords can be changed, customers notified and points of weakness fixed.

By being proactive, organizations can tailor their defenses and make better, more informed business decisions. In a world of complexity and uncertainty, this kind of illuminating context is key to preventing vital IP falling in to the wrong hands.

Press Information
Digital Shadows
Conrad Offices, 19th Floor

Sheikh Zayed Rod, Dubai

Sharon Divan

# 471 Words
Related Articles
More From Computer & Technology
ClouDNS launches DNS Failover to keep your [..]
ClouDNS is releasing their brand new DNS Failover service after three months of Beta Testing when they have improved the [..]
Trillium CEO Embarks On "Hack Across America" [..]
Six-month Campaign Raises Awareness about the Threat of Vehicular Cyber-Attacks SUNNYVALE, CA, June 5, 2018 - (ACN Newswire) - [..]
Alleged Cryptocurrency Scammer Zeeshan Najeeb Claims to [..]
SINGAPORE, June 7, 2018 - (Media OutReach) - Block Asia has been investigating a scam incident in the cryptocurrency industry [..]
Huge Scam Happening In Cryptocurrency, Block Asia [..]
SINGAPORE, May 31, 2018 - (Media OutReach) - Block Asia, the first Southeast Asian cryptocurrency news media platform has received [..]
Trillium Announces Vehicular GDPR Assurance Platform
Service enables companies that use vehicular data to comply with EU regulation SUNNYVALE, CA and TOKYO, May 25, 2018 - [..]

Disclaimer: If you have any questions regarding information in this press release please contact the company added in the press release. Please do not contact pr-inside. We will not be able to assist you. PR-inside disclaims the content included in this release.