Collaboration and education key to fighting cybercrime

The impact of the current threat landscape

Increasingly advanced malware threatens the Enterprise

With the threat landscape constantly shifting and evolving, the fight against cybercrime is never truly over.

Organisations are therefore under pressure to stay updated with the latest online threats and must work incessantly to mitigate the risk they pose to their business.

To find out what areas of defence companies need to be prioritising amid the current threat landscape, we spoke to Malwarebytes' Malware Intelligence Analyst, Chris Boyd.

TechRadar Pro: Have you noticed the threat landscape differing year-on-year?

Chris Boyd: Threats don't tend to shift too dramatically from year to year but rather gradually iterate pre-existing versions, progressively evolving and often becoming more clever and nefarious in their newer forms.

There is also a trend for more threats to become more targeted in how they try to infiltrate organisations, collecting information about particular individuals and using this to tailor an approach.

TRP: What advice do you have for businesses still using Windows XP devices?

CB: Invest in hardware able to run newer versions of Windows - the safety of your data and your business as a whole are at risk and the longer a company sticks with its XP devices, the higher the risk of infection becomes.

Of course it's not always possible for a business to commit to investing in IT, but at the very least companies should consider using a version of Linux with low system requirements which will do most - if not all - of what you need on a day to day basis.

TRP: What kinds of threats are enterprises typically faced with right now?

CB: Spear phishing and targeted malware are still the key players in the enterprise arena, but exploits and social engineering are always waiting in the wings ready to strike.

The smartest attackers will attempt to combine these different approaches into one blended attack - the "Advanced Persistent Threat", or APT - which is a sustained and low visibility assault on a corporate network which can take a long time to detect and shut down.

By then, significant damage may have been done to the target in terms of data stolen, financial impact and negative publicity.

TRP: What should they be doing to better protect their company?

CB: Companies should take some time to educate their workforce on the threats they are faced with. This will pay dividends in the long run, especially if your employees are stuck on increasingly vulnerable XP desktops.

TRP: What are different industries doing to better secure themselves from potential attacks?

CB: There's a greater awareness of the need to protect against blended threats and many are investing in a variety of technologies to fight against threats such as anti-exploit software and other forms besides traditional antivirus to better shore up their networks.

But there still needs to be more investment in the area of educating employees. A significant amount of threats enter enterprise networks due to a lack of knowledge.

Greater inter-industry collaboration is also important. Initiatives such as Operation Walking Shark, which foster information sharing and a co-ordinated response, are very valuable.

TRP: What, if anything, can be done on a government level to prevent an increase in enterprise IT security threats?

CB: The Police Central e-Crime Unit continues to be a visible player in the UK fight against cybercrime. It is important for such agencies to be on the front foot and where possible, co-operating with other international agencies to share intelligence.

TRP: Will the BYOD trend make malware a bigger issue for enterprises?

CB: Many businesses are already tackling this head-on and keeping BYOD devices on separate, non-critical networks where possible.

In some cases this isn't a practical approach, and the pros and cons of personal devices being used in the workplace need to be closely looked at prior to deployment. It only takes one rogue device to cause days of fixing for the IT support team.
