March 3, 2015 By Rohan Ramesh

Though cyberattacks dominated the news in 2014, with companies such as JPMorgan Chase, Target and Home Depot suffering from breaches, cyberattacks aren’t limited to big companies. Brand recognition matters little to cybercriminals, and organizations of all sizes have been victims of a data breach. This trend will likely continue in 2015, with attacks growing not only in number but also in sophistication.

The following is a look at a handful of the most damaging threats of 2014 and how they changed the corporate conversation on data security and protection:

Home Depot Data Breach

In this breach, cybercriminals compromised more than 56 million credit card and debit card accounts, along with 53 million customer email addresses. They used the stolen email information in multiple phishing scams that targeted unsuspecting customers. Similar to the Target breach, attackers used stolen credentials from a third-party vendor and exploited an unpatched vulnerability in Microsoft Windows to compromise the company’s point of sale devices. According to Krebs on Security, they targeted the 7,500 self-checkout lanes, which were clearly referenced as payment terminals by the internal systems.

Heartbleed Bug

The Heartbleed bug existed for two years before it was discovered as a vulnerability. It exists in the very popular OpenSSL encryption library and reportedly affected more than 500 million websites at the time of discovery. Several organizations were breached through this vulnerability, including the Canada Revenue Agency, where more than 900 Social Insurance Numbers were compromised in just a matter of hours.

Bash Bug

This bug, which had gone unnoticed for more than two decades, let cybercriminals execute malicious code within a Bash shell, the typical command prompt on PCs, Macs and Linux machines. This let them overwrite authentication information and gain access to confidential information by taking control of the operating system. Because the vulnerability had existed for such a long time, it also affected many older systems whose operating systems were no longer supported with patches to fix it.

JPMorgan Chase

In this breach, cybercriminals gained access to names, addresses, phone numbers, email addresses and internal JPMorgan Chase information for more than 83 million accounts. The source of the attack that led to the data breach was discovered to be an overlooked network server that was missing a simple security fix, one that would have enabled two-factor authentication.

Why You Need to Act

While it is impossible to anticipate every attack and prevent every data breach, it’s important to be equipped with the following tools and security programs. Together they form an integrated threat protection system that protects your company’s data and minimizes the risk and damage caused by an attack:

  • Comprehensive Asset Discovery: You can’t protect what you can’t see. It’s vital to ensure you have visibility into every endpoint within your organization regardless of whether it is fixed, mobile or remote.
  • Install Two-Step Authentication for Logins: This simple security fix ensures additional protection against a potential breach in case of lost or stolen passwords.
  • Real-Time Situational Awareness and Incident Response: You need to have a tool that can give you real-time visibility into your endpoints with the capability to ensure automatic quarantine and immediate remediation of all your endpoints, wherever they are located.
  • Automated Patch Management: Having an efficient automated patch management solution that can find vulnerable endpoints and apply required patches within minutes or hours can reduce the window of exposure to any potential threats.
  • Vulnerability Management: An efficient vulnerability management system ensures the most vulnerable endpoints are patched and secured first by analyzing the risks associated with the various vulnerabilities and prioritizing remediation through patches and configuration management.
  • Mobile Threat Management: Given the shift to an increasingly mobile workforce, mobile malware is the next big security threat to every enterprise. With employees using a number of apps and devices to increase productivity, your enterprise is susceptible to rogue and malicious apps compromising your data.

How IBM Can Help

IBM Security provides you with the right tools to ensure you are well-equipped to face increasingly sophisticated advanced threats. The following solutions are designed to disrupt the life cycle of advanced attacks with a three-pronged approach that helps you prevent, detect and respond to threats:

  • IBM BigFix™ ensures your endpoints are in continuous compliance with various security and operational policies. With real-time visibility into your endpoints and automated custom remediation capabilities, it ensures your organization is equipped with a real-time situational awareness and incident response system.
  • IBM MaaS360™ lets you provision, secure and manage your mobile devices, apps and content — all from a single portal — while minimizing risk to your organization.
  • IBM QRadar SIEM™ consolidates log source event data from thousands of device endpoints and applications distributed throughout a network. It performs immediate normalization and correlation activities on raw data to distinguish real threats from false positives.
  • IBM Security Trusteer Apex™ Advanced Malware Protection provides protection against unknown, zero-day threats and advanced malware without affecting user productivity. This software protects endpoints throughout the threat life cycle by applying an integrated, multilayered defense that breaks the attack chain and preempts infection.
