As 2014 draws to a close, many in the InfoSec community are looking back on what has been an eventful past 12 months.
In both scale and sophistication, 2014 has been a game changer. In the first nine months alone there were as many as 1,922 confirmed incidents with criminals managing to compromise 904 million records*. Household names, from Sony and Home Depot to JP Morgan and Kmart, have been compromised and new, ever more potent forms of malware have risen to the surface.
So what made 2014 different?
It essentially all boils down to money. 2014 has presented cyber criminals with many more opportunities to make money quickly and easily, without getting caught. Over the course of the year we've seen exploit kits evolve rapidly, making it much easier for cyber criminals with little technical knowledge to get started. Their success feeds the exploit kit developers and the cybercrime snowball grows and grows.
Undoubtedly one of the most common features of 2014 has been the prevalence of Point of Sale (POS) malware. Where previously this was only a small fraction of the malware market, 2014 has seen a notable spike, with a string of high-profile retailers all seeing their POS systems compromised.
In September, US retail giant Home Depot revealed the details of a huge POS breach. The attack compromised the credit and debit card details of 70 million customers, as well as 53 million email addresses. The breach was the biggest in corporate history and to date has cost Home Depot in excess of $43 million, with the final bill only likely to rise.
A bigger playing field
Whilst cyber criminals have exploited POS vulnerabilities, they have also had one eye firmly on expanding their attack surface. The growing use of mobile devices, the Internet of Things and social media has acted as a vehicle for criminals to steal data or find a way onto the network.
In April, over 500,000 internet sites were exposed to the Heartbleed vulnerability. Residing at the very heart of the internet, Heartbleed may have been exposing users' personal information and passwords to hackers for the past two years.
Though it's clear 2014 has been an eye-opener, for many organizations the response has continued to be reactive by relying on antivirus technologies.
Keeping it simple in 2015
Looking back on the year, it's apparent how many of these breaches and malware attacks could have been prevented by taking a more proactive security stance. Many organizations are still over-complicating their IT security by being over-reliant on reactive measures such as antivirus.
If organizations are to make one New Year's security resolution, it should be to create a more holistic and proactive security posture based on defense in depth (DiD) strategies, one which prioritizes simple yet effective solutions such as privilege management, application allow listing and sandboxing to protect the endpoint.
To find out more about proactive security, and how Avecto’s Defendpoint technology can help, visit www.avecto.com/defendpoint.
James Maude, Lead Cyber Security Researcher
James Maude is the Lead Cyber Security Researcher at BeyondTrust’s Manchester, U.K., office. James has broad experience in security research, conducting in-depth analysis of malware and cyber threats to identify attack vectors and trends in the evolving security landscape. His background in forensic computing and active involvement in the security research community makes him an expert voice on cybersecurity. He regularly presents at international events and hosts webinars to discuss threats and defense strategies.