Stephen Pao, our GM Security Business, takes part in this Marketplace segment on what many are calling, “one of the largest bank heists ever.”
There are a handful of key takeaways from an incident like this:
Patching is extremely important! As Brian Krebs notes here, the malware took advantage of unpatched Microsoft systems.
Hackers are sophisticated, combining spear phishing, known vulnerabilities, and human intelligence. As the Kaspersky report (pdf) notes,
“… they studied the victim´s internal procedures and pinpointed who they should impersonate locally in order to process fraudulent transactions through the aforementioned services.”
Rapid detection is critical to loss prevention. With an average infection time of 42 days, the hackers had time to gather data, learn business logic, and further develop their attack.
“This is just a new frontier. It's a constant game of cat and mouse.” ~Stephen Pao
Barracuda Total Threat Protection is a framework that allows organizations to sure all of their threat vectors, including email, web applications, network security, and more. Our Data Protection Plus initiative helps companies increase productivity, maintain regulatory compliance, and engage in robust information management. Contact us for a risk-free, 30-day evaluation of our solutions.
Christine Barry is chief blogger and social content manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master in Business Administration. She is a graduate of the University of Michigan.