There are numerous programs that prevent malware and viruses from penetrating corporate networks, but a program is not enough these days. Administrative policies must be implemented to prevent any risk of infection due to careless or uneducated users.
Misuse of office computers does not just reduce productivity and waste time and money. More importantly, it puts corporate network security at risk, jeopardising critical data. Communicating on social networking sites or via IM, visiting entertainment sites, or downloading files from torrents and file sharing services are all common activities. However they all make employee computers vulnerable because these are the resources which hackers most often use to penetrate into a company’s corporate network during targeted attacks.
Targeted attacks are one of the most rapidly developing trends in the field of cyber security. Over the last 3-4 years, both small businesses and world-famous companies have fallen victim to cybercriminals. To get access to their networks, the fraudsters often use social engineering techniques and exploit software vulnerabilities.
The main danger of the targeted attack is its ability to intrude into the corporate network and reach the company’s confidential data by infecting just one computer. From that point on, special malware takes over and finds other vulnerable nodes on the corporate network to provide access to the data that is of interest to the cybercriminals.
Protection technologies can help to avoid such incidents. For example, the AEP (Automatic Exploit Prevention) technology prevents scammers from using software vulnerabilities and even stops so-called 0-day vulnerabilities. With Network Traffic Control technology, system administrators can block dangerous network activity. Application Control blocks the launch and download of unknown programmes. Finally, file/disk encryption can help exclude the risk of data leaks even if a targeted attack is successful.
However, none of the above technologies can effectively protect against a targeted attack unless they are well integrated into the company’s security policies. System administrators and IT security specialists should also use administrative measures to prevent any risk of infection due to careless users or lack of IT knowledge. This includes training users to work safely on their computers, introducing control over access rights and privileges, and scanning systems for vulnerabilities and unused network services.
“Unfortunately, there is currently no technology that can eliminate human error from corporate network security. However, reinforcing security policies with a few relevant technologies provides effective protection against targeted attacks by combating them at every stage – from the first attempt to exploit a vulnerability to attempts to compromise the network,”” said Kirill Kruglov, Senior Research Developer at Kaspersky Lab.
You can read more about protection against targeted attacks in Kirill Kruglov’s article at securelist.com