Fortinet advises Malaysian firms to prioritise IT network security at the boardroom level and ensure that IT security plans are aligned with business goals and objectives. In the event that a breach happens, personally identifiable information (PII) data could be stolen. The data can not only be sold for use for identify fraud, but also for use in much more believable phishing attacks.
“It’s important to realize that anything happens with one company will often affect many other companies. Direct business partners will be affected and even the most remote company can be affected thus causing a chain of destruction,” said Anthony Giandomenico, Senior Security Strategist, FortiGuard Labs, Fortinet.
“The more information an attacker has about the company, the more they can make that email look real and try to gain the confidence of an authorized user to reveal information that compromises the network’s security.”
Cyber criminals are deploying more sophisticated techniques to compromise a corporate network. One such example is social media and on-line services. In recent times, social media such as Facebook and LinkedIn, as well as online dating sites are gaining ground, the company said. Because of this, attackers are shifting their entry points into user’s devices via these sites through social engineering, preying on human emotions.
According to Fortinet, amongst the new hacking techniques that Malaysian firms need to be aware include:
- Phishing attack
Most likely the number one way hackers gain unauthorized access to company networks. Infiltrators send a phishing email attached with a piece of malware or a malicious link packaged to look legitimate and enticing for users to click. Once the email been clicked, malware will begin downloading itself onto the networks hence beginning its hunt for data. - Drive-by attack
The attackers will compromise a website and install a malicious java script that will redirect an unsuspecting user to another website containing malicious payload (malware) that will then be downloaded in the background to the user’s device. In a targeted attack, the attackers will spend many months researching websites that companies or industries will frequent and infect those websites. - Malvertising
This attack is similar to the drive-by attacks except the attacker will focus on infecting the advertising sites. An attacker can infect one ad site which in turn could infect 1000s of other websites. - Mobile attack
Many attacks against mobile devices are similar to the above listed attacks but specifically targeting the mobile device. In addition, malware can be delivered through SMS messages or they mask themselves as other fun applications such as games or even pornography.
According to Giandomenico, the most common entry point into the network is through users clicking on malicious links. Once the user device is compromised, the attackers will start moving around the network to find the data they are looking for.
“Network segmentation is extremely important because it helps reduce the impact of the breach since a company can isolate the breach to a specific location while not affecting the rest of the network. Also, it allows for sensitive data to be zoned in a higher security area which will give the bad guys a tougher time to exfiltrate data,” he explained.
As corporate networks are too large and complex, organizations will have to define and secure critical data, isolate it and put more granular focus on monitoring the avenues of approach to that data, he said.