Cyber criminals continued expanding their list of targets, successfully gaining access to companies both big and small over the past year. While security teams get better equipped to fight off these attacks, breached organizations must now worry not only about stolen data, but also public scrutiny, government inquiries and lawsuits over leaked data.
Companies need to treat their security programs as an evolving process to protect against hacker activities, especially when hackers continue to innovate.
Learn how FireEye is transforming the cyber security landscape to combat today's advanced cyber-attacks.
Five Reasons Small and Medium-Sized Enterprises are Prime Targets for Cyber Attacks
While cyber security breaches of name-brand companies get the headlines, small and medium-sized enterprises (SMEs) suffered more cyber security breaches than large firms, according to Verizon's 2015 Data Breach Investigation Report. SMEs account for up to 90% of all businesses worldwide. They create four out of every five new positions, and account for up to 33% of GNP.
The cost of data breaches can devastate an SME. According to a 2015 Ponemon Institute report, data breaches cost U.S. companies $6.5 million per breach on average, up from $5.85 million in 2014. That amounts to $217 per stolen record, up from $201 the year before. And those figures don’t include potential liability issues for the target or the incalculable damage a data breach can wreak on a business’s reputation.
This paper explains targeted attacks and examines five reasons cyber attackers are aiming at SMEs, along with the steps an SME would have to take to protect itself.
Follow the Money: Dissecting the Operations of the Cyber Crime Group FIN6
FIN6 is a cyber criminal group intent on stealing payment card data for monetization. In 2015, FireEye Threat Intelligence supported several Mandiant Consulting investigations in the hospitality and retail sectors where FIN6 actors had aggressively targeted and compromised point-of-sale (POS) systems, making off with millions of payment card numbers.
All threat groups generally follow a broad operational framework known as the Attack Lifecycle. While the phases of the Attack Lifecycle — from initial compromise to privilege escalation to maintaining presence and completing the mission — are remarkably consistent, the specific TTPs used vary widely based on a group’s skills, motivations and ultimate goals.
The story of FIN6 shows how real-world threat actors operate, providing a glimpse not only into the technical details of the compromise, but also into the human factor as well; namely, the interactions between different criminals or criminal groups, and how it is not just data being bartered or sold in the underground, but also tools, credentials and access.
The Total Economic Impact of FireEye
In May 2016, FireEye commissioned Forrester Consulting to conduct a Total Economic Impact (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying FireEye. The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of FireEye on their organizations.
FireEye provides cybersecurity against both everyday security exploits and targeted attacks by sophisticated cyberadversaries. FireEye offers several solutions covering security related to network, email, mobile, endpoint, forensics and analysis, file system and storage, and threat assessment, training, and response. This case study will be focused on FireEye customers that have deployed the network security solution, NX. Some interviewed customers have also deployed FireEye solutions beyond NX. Those options will be mentioned, but the primary model and financial results are based on the deployment of FireEye Network Security solution, NX.
2015 was the year where cyber security breaches became public knowledge, more than any time in history. The year saw Mandiant respond to a rise in:
* Disruptive attacks that hold data for ransom or destroyed critical systems
* The mass theft of personal information from targeted companies
* Increased exploitation of networking devices in order to maintain persistent access to targets
The report concludes that a company should invest more in all aspects of their security posture (people, processes and technology) than ever before, regardless of the company's size and business.