Trojans are no longer focused only on financial institutions, but are targeting enterprises of all types, say researchers at RSA, the security division of EMC.
Cybercriminals are collecting information on individuals in all types of businesses as a way of penetrating their IT networks, according to Uri Rivner, head of new technologies, identity protection and verification at RSA.
"Criminals are no longer targeting well-defended networks directly, but are going after people in organisations to steal their login credentials to get inside," he said.
The attacks on Google and about 30 other US companies in late 2009 marked a shift from random, general attacks to targeted attacks, focusing on individuals, he told Computer Weekly.
There is a definite focus on using social engineering to infect employees' machines and then steal credentials as soon as they connect to corporate systems, and organisations need to take that into account, said Rivner.
"Unlike IT systems, users cannot be patched and will always be vulnerable to manipulation and infection," he said.
Businesses need to develop a new approach to defence that does not rely solely on traditional security technologies that typically defend the network. "Enterprises need to understand they need a more intelligent way of defending corporate information," said Rivner.
Behaviour analysis, intelligence on how cybercriminals operate, and threat information sharing networks should be part of any enterprise defences, he said.
"Financial institutions have invested heavily in such systems and reaped the benefits, and I am optimistic other enterprises will do likewise," said Rivner.
In future, businesses from all sectors will start putting more comprehensive defences together in more intelligent ways and sharing threat information, he said.
According to Rivner, only by adopting this approach will businesses be able to stay ahead of criminals who are gathering information from an increasingly wide variety of sources to target individuals within organisations in order to penetrate their IT systems.