Trend Micro's annual security roundup sizes up 2014, from Sony hack to rise of cyber underground, proliferation of ransomware
Complacency no longer an option for enterprise security in 2015.
Prolific cyber attacks against Sony capped off one of the biggest years on record for cyber security. Approximately 100 terabytes of data were compromised and up to $100 million in damages were inflicted during this headline-grabbing incident, as the Trend Micro (TYO: 4704; TSE: 4704) annual security roundup report: "The High Cost of Complacency" analyses this and other notable activity throughout 2014. The year's happenings reinforced that cyber criminals are relentless, with ever-increasing levels of sophistication and tenacity.
"All in all, it's a combination of identifying what's most important, deploying the right technologies, and educating users," said Gregory Anderson, country manager, Trend Micro South Africa. "It is everybody's job - not just the job of IT professionals - to ensure that the company's core data stays safe."
Additional findings include confirmation of Trend Micro's late 2013 prediction that one sizable data breach would occur every month - further solidifying the need for organisations to protect their networks and implement intrusion detection.
"The past year was unprecedented in terms of the size and scope of cyber attacks, as evidenced by the Sony situation. Unfortunately, this will most likely be a 'sneak peek' of what is to come," says Anderson.
* No threat is too small. It did not take a sophisticated piece of malware to cripple a target. Attackers are using a simple wiper to breach company's defences, with devastating effects.
* POS RAM scrapers came close to becoming a mainstream threat in 2014, as several high-profile targets lost millions of customer data to attackers month after month.
* New attacks showed that no application was invulnerable in 2014 as attackers branched out into new territory.
* Online and mobile banking faced bigger security challenges and are proving that two-factor authentication is no longer enough to secure sensitive transactions.
* Ransomware became a bigger and more sophisticated threat across regions and segments. And unlike older variants, it no longer just issued empty threats, but actually encrypted files.
Find the full report HERE.
A blog post regarding the report can be viewed HERE.