Malware comes in many flavors. I’m focusing now on one of the most pernicious, advanced persistent threats (APTs), because these frequently use the techniques of zero-day attacks to remotely manipulate a system while remaining virtually invisible to standard defenses.
Targeted zero-day attacks are proliferating — and focusing more and more on smaller businesses because these tend to have weaker defenses. Some security experts say that if your security posture can be bypassed with custom malware, you’re probably already compromised.
The ever-richer user information on social media presents an irresistible opportunity for ‘fraudsters.’ Because it’s so easy to research a target online, attackers have developed very effective masquerading and social engineering tactics that can fool even the most sophisticated users.
As this infographic shows, expanding interconnectivity between organizations and the fast-accelerating mobility of your employees means your IT infrastructure vulnerabilities are increasing quickly.
These days, your end-users have usually become the weakest link in your data security chain, so attacks are shifting from the server side to the client side, notably to mobile devices like smartphones.
Over the last few weeks, I’ve taken a look at what you can do to boost your organization’s IT security. But it occurs to me that maybe I’ve put the cart before the horse.
So I’m going to spend the next few weeks delving into the sort of threats your business’s IT infrastructure faces. And I’m going to start with data breaches and the most recent big-headline example: Zappos (parent company is Amazon.com), which last month admitted it suffered a data breach that compromised 24 million customer accounts.
