There are quite a few reputable IT security vendors that routinely publish security findings. These reports serve a rich purpose — to educate online users about cybercrime and to help resellers capitalize on your position as a trusted adviser for your clients. After all, a better understanding of today’s threat landscape can help you guide clients on how to best protect their systems.
Evolving technology trends such as cloud computing, BYOD and sophisticated advanced persistent threats (APTs) directed toward businesses have created a surging worldwide demand for solutions to combat these dangerous emerging threats. According to a September 2014 Gartner Research report, the global tech market will grow by 2.1 percent in 2014 and reach nearly $3.7 trillion. Looking ahead, Gartner forecasts that 2015 will be an even better year for IT vendors, with companies spending $3.9 trillion.
AppRiver, a leading provider of email messaging and Web security solutions, recently released its year-end Global Security Report, a detailed summary and analysis of the malware and spam trends of 2014.
In total, AppRiver quarantined 893 million messages containing viruses in attachments last year, nearly doubling the number from 2013. The security vendor also quarantined 30.5 billion spam messages in its filters, with nearly 5 billion captured in March alone. And, for the first time, more spam originated from North America than from Europe, which together accounted for 69 percent of all global spam traffic.
The report also devotes a special video segment focused on President Obama’s national breach notification standard.
“The Personal Data Notification and Protection Act will establish how companies react to security breaches and will require them to notify customers with 30 days of breach,” said report co-author and senior security analystTroy Gill. “Companies, schools or any other entity handling personal information should be held to a higher degree of scrutiny, because when a data breach occurs, those who stand to lose the most are the victims themselves. From mere headaches to financial ruin, data theft is a growing concern for online users. And so, federal legislation that clearly defines the rules of engagement is a step in the right direction.”
Although 2014 has been dubbed, “The Year of the Breach,” there were plenty of other troubling attacks that kept security professionals busy:
Vulnerabilities: The first major vulnerability of the year was the Heartbleed Bug, or CVE-2014-0160, which was followed closely by Shellshock and POODLE.
Attacks: Botnet-building activity remained high with Zeus, Citadel and other banking Trojans’ help. New advancements to ransomware also wreaked havoc in 2014, with Cryptolocker, Cryptowall and Cryptodefense making headlines.
Cyber World: The attack on Sony caused a series of events to unfold. For starters, the entertainment company’s network was compromised, thereby allowing hackers to access countless documents and emails. The attackers, Guardians of Peace, then released a message threatening a 9/11-type attack to movie theaters showing “The Interview.” The United States responded with sanctions against North Korea as punishment for the cyberattack.
Data Breaches: Target, Beef O’Brady’s, Staples, Home Depot and Sally’s Beauty Supply were among the big-name companies infected with PoS scraping malware last year. The largest single PoS-style breach in 2014 hit Home Depot and exposed approximately 56 million accounts and 53 million customer email addresses between April and September. (This is over half of the total accounted breaches of the entire year and the largest retail credit card incident on record.)
Report co-author, Jon French, adds, “President Obama recently imposed sanctions on North Korea in response to their cyber attack on Sony Pictures. It is the first time the United States has issued sanctions against a country for isolated cyber attacks against a private U.S. company. And, it shows that hackers crossed a threshold that will no longer be tolerated.”
To read more, click here for AppRiver’s 2014 Global Security Report.
Guest blogs such as this one are published monthly and are part of Talkin' Cloud's annual platinum sponsorship.