Corporate data leaks are the most dangerous threat to IT security today – a fact evidenced by industry development trends, company survey results, market analyses, and related studies.
Internal threats include any harmful actions with data that violate at least one of the fundamental principles of information security (integrity, availability, and confidentiality) and originate from within a company’s information system.
While there are many different kinds of internal threats, the most common are:
- any violations of internal network security rules and procedures that could lead to data theft
- unauthorized searches or viewing, modification, or destruction of confidential data
- brute force password attacks and user installation of Trojans, rootkits and other malicious programs on the network
- targeted data theft using removable storage media such as HDDs, USB Flash devices, card readers, or CDs/DVDs in order to copy and carry
- theft of devices containing confidential data: laptops, hard drives, handheld computers, etc.
- theft of corporate databases in whole or in part
- unauthorized installation of Wi-Fi network connections in order to extract confidential data
- printing important documents in order to remove hard copies from company premises.
These are just a few of the many different kinds of internal threats…
Confidential data breaches are directly connected to business operations risks, since a company can suffer major damage as the result of a data leak:
- clients may be lost if the client base is leaked
- technologies may be lost if technological secrets are leaked
- founders and investors will be displeased if financial information is leaked
- licenses could be lost if confidential data is not properly protected in compliance with federal requirements.
Even worse, a company’s business reputation will be tarnished, which could mean suspending operations – or even closing down completely.
We confront hundreds of thousands of new threats every day and we can see that threat actors are on a constant lookout for new attack opportunities. According to our research, connecting a software license management token to a computer may open a hidden remote access channel for an attacker.
Looking back at a year like 2017 brings the internal conflict of being a security researcher into full view: on the one hand, each new event is an exciting new research avenue for us, as what were once theoretical problems find palpable expression in reality. On the other hand, as people with a heightened concern for the security posture of users at large, each event is a bigger catastrophe.
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017.
In the field of information security, sandboxes are used to isolate an insecure external environment from a secure internal environment (or vice versa), to protect against the exploitation of vulnerabilities, and to analyze malicious code. At Kaspersky Lab, we have several sandboxes; we will look at just one of them, which was customized to serve the needs of a specific product and became the basis of Kaspersky Anti Targeted Attack Platform.
Let us discuss what defines the profitability of bitcoin mining, what principles for mining speed adaptation were initially embedded into it, and why these principles can lead to the failure of the cryptocurrency in the long run.
Corporate information security services often turn out to be unprepared: their employees underestimate the speed, secrecy and efficiency of modern cyberattacks and do not recognize how ineffective the old approaches to security are. And if there is no clear understanding of what sort of incident it is, an attack cannot be repelled. We hope that our recommendations about identifying incidents and responding to them will help information security specialists create a solid foundation for reliable multi-level business protection.
In July 2017, during an investigation, suspicious DNS requests were identified in a partner’s network. The source of the queries was a software package produced by NetSarang. Our analysis showed that recent versions of the software had been surreptitiously modified to include an encrypted payload that could be remotely activated by a knowledgeable attacker.
According to Gartner, there are currently over 6 billion IoT devices on the planet. Such a huge number of potentially vulnerable gadgets could not possibly go unnoticed by cybercriminals. As of May 2017, Kaspersky Lab’s collections included several thousand different malware samples for IoT devices, about half of which were detected in 2017.
In this research we’ll be revisiting the USB port, this time in an attempt to intercept user authentication data on the system that a microcomputer is connected to. As we discovered, this type of attack successfully allows an intruder to retrieve user authentication data – even when the targeted system is locked.
In order to recognize relevant threats, our products collect anonymous statistics about potentially dangerous content that a child encounters. As part of this report, we analyze the collected data in our quest for the answer to the question of what interests the current generation of children online.