ANZ businesses recognising need for protection
Trend Micro has seen an eightfold increase in enquiries in Australia and New Zealand in 2015, after analysts forecast another big year for data breaches.
The security software company says the average data breach costs ANZ organisations millions of dollars, as well as the long term impact on shareholder value and brand image.
Zak Khan, Trend Micro ANZ director of custom cyber defence, says with so many high profile attacks in 2014, organisations are beginning to recognise that prevention is cheaper than a cure.
"All in all, it's a combination of identifying what's most important, deploying the right technologies, and educating users," Khan says.
"It's everybody's job – not just those of IT professionals – to ensure that the company's core data stays safe.
Khan says last year was 'unprecedented' in terms of the size and scope of cyberattacks, as evidenced by the headline-grabbing Sony attack – which Trend Micro says saw about 100 terabytes of data compromised and up to US$100 million in damages inflicted.
"Unfortunately, this will most likely be a 'sneak peek' of what is to come," Khan adds.
"Attackers are both tenacious and persistent in stealing data and intellectual property.
"To effectively deal with this reality, organisations in ANZ need the ability to detect unexpected and unseen attacks and indications of attacker behaviour across all nooks and crevices of their networks.
Trend Micro's annual security roundup report, The High Cost of Complacency, which analyses notable activity throughout 2014, highlights that cybercriminals are relentless with every-increasing levels of sophistication and tenacity.
The report says breaches across industries aided by point of sale Ram scrapers, for one, increase in 2014.
"The year was not solely marred by the biggest breaches seen to date though, as attacks targeting vulnerabilities like Heartbleed and Shellshock in widely used, previously considered secure open source software, as well as FakeID and Same Origin Policy Bypass in mobile devices and platforms were also seen.
"Established processes like two-factor authentication also proved vulnerable to threats, as evidenced by attacks instigated by the criminals behind Operation Emmental.
The report says more crippling attacks against both likely and unlikely targets are bound to be seen as years pass.
"Attackers will always trail their sights on one thing – profit.
"They will continue to indiscriminately hit data gold mines because peddling stolen information is a lucrative business, as evidenced by the thriving cybercriminal underground economy.
The Trend Micro report also highlights that no threat is too small. "It did not take a sophisticated piece of malware to cripple a target. Attackers are using a simple wiper to breach companies' defences with devastating effects.
Also highlighted is ransomware, which Trend Micro says became a bigger and more sophisticated threat across regions and segments.