Five Cyber Attacks that Made CISOs Rethink Security

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Five Cyber Attacks that Made CISOs Rethink Security-6 Next

Google AdSense (malvertising)

More than 100,000 new websites come online every single day. When scammers began abusing Google AdSense for malvertising in January 2015, a single webpage would load up to eight different third-party scripts, resulting in the fetching of resources from about 250 unique domains. Because Google does not, and cannot, inspect the exact content served up on its platform, it only takes one of the ~1,600 "certified" ad networks to be hijacked. All of this untrusted and unknown content is executed on unsuspecting endpoints, resulting in a tremendous amount of risk any time a user visits a popular website. In this particular instance, the malvertising was aggressive and was forcing a redirect to a malware-serving page without user interaction. If the attack was subtler, chances are that this would've gone unnoticed for a long time.

Gartner predicts that by 2020, 30 percent of global enterprises will have been directly compromised by an independent group of cyber activists or cyber criminals. Cyber crime is now considered a profession; malware and exploit kits are created and sold with guarantees to evade security controls. Further, Gartner estimates that while businesses spent more than $71 billion on information security in 2014, nearly $400 billion was lost globally as a result of cyber crime.

Security today is based on the premise that one can detect whether something is good or bad (e.g., web, email, files). This premise is fundamentally flawed as malware continues to evade even the latest security technologies. In this slideshow, Menlo Security CTO Kowsik Guruswamy has identified five different malware attacks that have had a profound impact on the cyber security industry.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Shadow IT Security How Risky Behaviors Hurt Shadow IT Security

Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.