Charles Leaver – Widespread Cyber Attacks Are Now Starting At Organization Endpoints

From The Desk Of Charles Leaver CEO Ziften Technologies


With the arrival of bring your own device (BYOD) practices and cloud computing, securing individual endpoints has become more difficult, as administrators may be prioritizing ease of data access over security. The risks remain, however, because most of the current generation of endpoint security software has not been modified to protect against aggressive hacking and malicious cyber attack methods that target individual endpoints as the launch pad for widely distributed attacks.

In one well-known endpoint attack, a malware strain called Comfoo was used to compromise the networks of many multinational organizations in 2010. The Comfoo malware consisted of a variety of custom-developed backdoor Trojans and exploits that could continuously distribute malware. A more serious consequence was that this malware could cause harmful data leakage by scraping account and network details and monitoring all user input, according to CRN contributor Robert Westervelt. It is thought that the Comfoo malware could have been part of an advanced cyber espionage campaign, because of the approach that was used and its evasion of standard endpoint monitoring.

Using email phishing and social engineering, the malware was able to compromise targeted devices, which highlights how ripe endpoints have become for malware infiltration, according to security executive Jason O’Reilly. Speaking to ITWeb, O’Reilly said that traditional endpoint software does not sufficiently account for access from locations beyond the IT department most of the time, and that it does not limit data exposure to authorized individuals through the use of access controls.

O’Reilly mentioned that “endpoint security solutions need to provide layered security that goes beyond signature-based detection just to consist of heuristic-based detection and polymorphic-based detection.” “Today’s networks are exposed to hazards from many different sources.”

Real Time Risk Capturing And Report Creation

Business consulting firm Frost & Sullivan recognized the high stakes for control methods and endpoint security, as it felt both of these areas were under pressure from external attackers and from the pressing demand from workers for flexibility in device choice.

Frost & Sullivan analyst Chris Rodriguez said, “Business IT departments now deal with significant pressure to enable staff members to access the corporate network and files from their own personal devices.” “Considering their seemingly omnipresent nature, quick data connections, and effective hardware and OS, these devices represent prime targets for hackers.”

When asked what organizations can do to address the particular weaknesses of mobile hardware, O’Reilly advised that any solutions need to provide clear and extensive visibility into what is happening on each endpoint so that action can be taken rapidly when any threats are found.