Research from Cyber Security Provider Indicates Seriousness of Data Breaches
Brazilian President Dilma Rousseff was scheduled to visit the White House on October 23. However, in late September, Brazil and the United States agreed to postpone Rousseff’s visit to the U.S. President Rousseff was livid after leaked documents claimed the U.S. National Security Agency (NSA) spied on Rousseff’s mobile phone and e-mail communications. The report also indicated that the NSA spied on several of Rousseff’s aids and Brazilian energy conglomerate Petrobras. In the aftermath of the NSA scandal, Brazil and Germany began drafting a United Nations resolution on security protocol in electronic communication.
The strained relationship between the U.S. and Brazil presents an example of not only international spying but cyber security challenges, as well. ThreatTrack Security, an advanced cyber security solutions provider, recently published the results of an October 2013 independent survey regarding enterprise security. The survey, which was conducted by Opinion Matters on behalf of ThreatTrack Security, gleaned information from 200 security professionals dealing with malware analysis within the United States. The security professionals said that the United States (37 percent) and China (33 percent) are the countries that are most capable of conducting cyber espionage.
Although malware analysts have the necessary tools to defend against cyber-attacks, the survey indicates that mounting cyber security challenges exist within the U.S. This salient finding from the ThreatTrack survey was reiterated by former Department of Homeland Security Secretary Janet Napolitano. “Our country will, at some point, face a major cyber-event that will have a serious effect on our lives, our economy, and the everyday functioning of our society,” Napolitano said during her farewell speech in August.
57 percent of malware analysts reported they have investigated or addressed a data breach that was never disclosed by their organization. The results of the survey suggest that data breaches have reached epidemic levels, even though experts say that data breaches appear to be underreported. “Every day, malware becomes more sophisticated, and U.S. enterprises are constantly targeted for cyber espionage campaigns from overseas competitors and foreign governments,” says ThreatTrack CEO Julian Waits, Sr.
According to the survey, 84 percent of respondents say that they have the necessary tools to suitably protect their enterprise from an advanced malware attack. Approximately 38 percent of malware analysts believe that it has become easier to defend their company’s network from cyber-attacks.
Online practices present challenges for analysts
40 percent of respondents indicated that not having enough adequately skilled security staff members is one of the most challenging aspects of ensuring that their company’s network is secure. In fact, a number of malware analysts spend a considerable amount of time removing viruses from devices used by upper-level executives. The survey revealed that a device used by a member of executive management became infected with malware because of:
1. Clicking on a malicious link in a phishing e-mail (56 percent).
2. Allowing a family member to use an enterprise-owned device (45 percent).
3. Visiting a pornographic website (40 percent).
4. Installing a malicious mobile app (33 percent).
In a November 11 article about enterprise data breaches, London-based journalist Charlie Osborne writes: “Security vulnerabilities and cyberattacks have become critical problems for companies worldwide.” In 2013 alone data security breaches have occurred at Adobe, Evernote, LivingSocial, and even the Federal Reserve. These recent breaches, the ThreatTrack survey, and former DHS Secretary Napolitano’s remarks offer stark reminders that data breaches are real threats with significant consequences.
To view the results of ThreatTrack Security’s malware survey click on this link:
