As technology continues to rapidly develop, it’s no surprise that cyber criminals are becoming innovative when it comes to breaking through network security.
It was just recently that the Heartbleed bug made headlines, allowing anyone using the internet to read the memory of systems protected by vulnerable versions of the OpenSSL software.
This allowed those wanting to do harm to encrypt traffic while accessing both the names and passwords of users and their important information. Attackers had the ability to intercept communications while being able to steal data directly from businesses or users as they wished.
According to our recent application and usage threat report, it’s not going to get easier for businesses to keep their networks free of malware made to steal data. The report findings are based on analysis of traffic data collected from 5,500 network assessments and billions of threat logs over a 12-month period.
The survey revealed that even social media is starting to be used as a regular means for cyber attackers to sneak into networks. Social media sites and applications are widely used and often trusted, so they are a natural target for cyber criminals looking to access networks and steal data.
While SSL software protects privacy, it can also be leveraged by hackers to hide their malware. According to the report, 30 percent of all applications running over networks use SSL.
This means that it can be difficult for companies to be sure that their encrypted traffic is free of malware, as in the case of the Heartbleed bug. This is a worrisome aspect, since many cyber criminals target the applications that companies need to conduct their everyday business.
Most significant network breaches start with an application such as e-mail delivering an exploit. Then, once on the network, attackers use other applications or services to continue their malicious activity – in essence, hiding in plain sight.
Knowing how cyber criminals exploit applications will help enterprises make more informed decisions when it comes to protecting their organizations from attacks.
However, there are several critical steps businesses can take to ensure better security of their networks. Companies can create and execute a safe enablement policy for common sharing applications.
It’s important to remember that in order for the policy to be successful, it must be documented and consistently updated, and employees must be educated on how to follow it.
Businesses can also avoid risk by controlling unknown traffic. This means carefully monitoring and controlling unknown User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) traffic, which will help eliminate a significant volume of malware.
Lastly, determining and selectively decrypting applications that use SSL can help businesses uncover and eliminate potential places that cyber threats might be hiding.
While malware will continue to evolve to be more intelligent, making sure the right steps and protocols are in place to mitigate attacks can help businesses avoid losing critical information and incurring costs from cyber-attacks.
For an infographic on the study please see: https://paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/images/infographics/2014-application-usage-threat-report-infographic.png
Alex Raistrick is VP EMEA of Palo Alto Networks