Trojans are no longer focused only on financial institutions, but are targeting enterprises of all types, say researchers at RSA, the security division of EMC.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Cybercriminals are collecting information for individuals in all types of businesses as a way of penetrating their IT networks, according to Uri Rivner, head of new technologies, identity protection and verification at RSA.
"Criminals are no longer targeting well-defended networks directly, but are going after people in organisations to steal their login credentials to get inside," he said.
The attacks on Google and about 30 other US companies in late 2009 marked a shift from random, general attacks to targeted attacks, focusing on individuals, he told Computer Weekly.
There is a definite focus on using social engineering to infect employees' machines and then steal credentials as soon as they connect to corporate systems, and organisations need to take that into account, said Rivner.
"Unlike IT systems, users cannot be patched and will always be vulnerable to manipulation and infection," he said.
Businesses need to develop a new approach to defence that does not rely solely on traditional security technologies that typically defend the network. "Enterprises need to understand they need a more intelligent way of defending corporate information," said Rivner.
Behaviour analysis, intelligence on how cybercriminals operate, and threat information sharing networks should be part of any enterprise defences, he said.
"Financial institutions have invested heavily in such systems and reaped the benefits, and I am optimistic other enterprises will do likewise," said Rivner.
In future, businesses from all sectors will start putting more comprehensive defences together in more intelligent ways and sharing threat information, he said.
According to River, only by adopting this approach will businesses be able to stay ahead of criminals who are gathering information from an increasingly wide variety of sources to target individuals within organisation to penetrate their IT systems.