Ransomware, Phishing and APTs – Avoid Falling Victim to These Attacks

Print Friendly, PDF & Email

Webinar Dates:
Wednesday, September 7, 2016
10:00 a.m. Pacific Register now

Thursday, September 22, 2016
10:00 a.m. Pacific Register now

These days it’s rare to read the news and for there not to be an article about some sort of security breach. Ransomware and phishing (in its various forms) have been around for years – they aren’t exactly new news. So why are they making headlines?

In short – it’s about big money, bold attacks, and the ability to evade the law. In 2016, the FBI estimates that $2.3 billion have been extorted from CEOs in email scams. Additionally, IDG estimates that 93% of phishing emails are ransomware—and we are barely even scratching the surface. It doesn’t matter how you look at it; if you’re anything like me, you’ll be left wondering when it’s your turn.

The Big Business
of Spam

A Barracuda Labs
Research Project

It’s no longer about a wayward teenager in a basement somewhere planning these attacks—hacking has become organized crime with a viable and lucrative business model. It’s so sophisticated that some of these organizations are behaving like corporate entities. They have HR departments, specialist recruiting arms, and help desks that will educate you on Bitcoin, as well as how to make a quick, yet painful ransom payment so that you can get back your files.

These organizations are now as much about psychology as they are proven hacking techniques. They are all but inserting themselves into your lives. They go to great lengths to patiently watch and learn as much as they can about you: your online life, your professional life, your family and friends’ lives, where you were at a specific time and with whom. Creepy isn’t it?

And then, when they have enough information and the right circumstances, they strike! High-value targets like CEOs and CFOs are preferred, but the statistics show that they really don’t discriminate. They don’t care if you can or cannot afford to pay a ransom fee. In fighting terms, they are attacking the soft tissues that make up both your online and real life presence. They can easily gather this information from various places online, such as social networks where we often let down our guards and share just enough personal information to help a criminal create a very convincing attack. These attackers know that a bit of social engineering is much easier than hacking an organization.

Technology to counter these threats continues to quickly improve. Modern firewalls and security gateways are connected to (near) real-time databases that are updated constantly with the latest threats. These distributed neural-type networks are proving to be highly effective; however, they are only as good as the latest threat. Firewalls are only okay if you’re on the right side of one. Even antispam technology reaching 99% effectiveness leaves a large gap as the volumes continue to rise. Add in our increasingly mobile lives, and it’s a land-grab for today’s attackers. We use numerous devices – mobile phones, tablets, laptops – to access data any time, any where. We store increasing amounts of data in multiple clouds with little thought given to the security of that data – personal photos on iCloud, family updates on personal blogs on WordPress, business plans stored on Dropbox, credit cards stored on Amazon, and the list goes on. The truth is, we make it very easy for attackers to compile profiles on us – and these profiles can then be used for nefarious purposes like stealing our identities or emptying our bank accounts. Put all of this into a business context, and CISOs and network managers are left scrambling to find solutions that protect both corporate data and employees.

Feeling a little unsettled? Well, you’re in good company. The good news is that an attack can be avoided and that the solution is a combination of education and technology.

Speaking of good company, Barracuda is offering a great educational webinar series designed to help you get ahead of these threats.  I’ll team up with some well-known security experts to help you better understand the threat landscape, including the attacker’s perspective on exploitable vulnerabilities and other targeted gaps. We’ll also take a look at some of the biggest risks companies face today with regard to targeted attacks, and how best to avoid them overall.

Our first webinar features a panel discussion on effectively avoiding ransomware and phishing, including newly released results from an enterprise survey conducted by Osterman Research. Industry analyst Michael Osterman, President of Osterman Research, Fleming Shi, SVP Technology at Barracuda, and Sanjay Ramnath, VP of Security Products at Barracuda, will lead this interactive discussion.

We hope you can join us – Register today!

Wednesday, September 7, 2016
10:00 a.m. Pacific Register now

Thursday, September 22, 2016
10:00 a.m. Pacific Register now

 


Darius is a veteran of the network industry, with more than 21 years of experience in networking products, enterprise marketing and business development. He is currently Director of Product Marketing for Security at Barracuda Networks. Connect with him on LinkedIn here.

 

 

 

Scroll to top
Tweet
Share
Share