WE SHOULD BE UNDER NO ILLUSION, "the bad guys are winning the cyber war", network monitoring security firm Endace has warned, stoking the growing concerns of cyber threats facing companies.
Speaking at the National Security Conference in Westminster, London today, VP of marketing for Endace Tim Nichols said that cyber criminals are already in most companies' networks.
Nichols claimed this was because organisations know very little about what's going on inside their computer networks and it's this lack of knowledge and visibility into the types of threats that exposes them to unacceptable levels of risk.
"Best practice now suggests the only safe strategy is to assume that your organisation has already been breached and if you use all of your resources stopping the bad guys in then you've missed the point," Nichols said.
"The point is that the bad guys are more than likely already inside your network. 40 to 60 per cent of the executable files in a firm's network are already malicious."
Nichols advised that the only way for firms to counteract this is to find what's leaving the building, not what's getting in. Using Flame as an example of malware that's facing networks, he said, "Be under no illusion that right now the bad guys are winning this cyber war. There is more stuff getting out and leaving the building than we are stopping getting in."
Senior security researcher at Kaspersky Lab, David Emm, agreed with Nichols' comments.
"It's certainly true that targeted attacks on businesses can be very complex and, because they don't generate anything like the same volume of ‘noise' as a traditional virus or worm, may go unnoticed for a long time," he said.
Emm also advised of the steps that companies should take to minimise the risk, such as the technical measures they can take.
"By patching systems, [companies] can reduce the attack surface by removing vulnerabilities that are often used by cybercriminals," he said.
"By deploying security solutions that use a range of proactive detection technologies, they make sure that they are not simply relying on detecting an infection after the event, i.e. relying mainly on signatures to detect malware. Such proactive technologies include heuristics, sandboxing, behavioural analysis, whitelisting and the use of a cloud-based detection infrastructure."
Pointing to a quote by Robert Mueller, director of the US FBI, Nichols highlighted that today there are two types of company, "those who have been compromised and those that soon will be" and this sets the tone for the way that we as a nation need to start thinking about cyber security. µ
Is restoring from backup really the better than prevention?
Allowed anyone to pinpoint locations visited by customers of SVR Tracking
Hackers gained access to systems using unsecured administrator's account
But Canonical's Mark Shuttleworth doesn't agree