Looking back at recent prolific cyber attack incidents, such as the Sony hack, have reinforced that cybercriminals are relentless and their attacks are showing increasing levels of sophistication.
This was highlighted in the latest annual security roundup report, titled The High Cost of Complacency, released by IT security company Trend Micro.
"All in all, it's a combination of identifying what's most important, deploying the right technologies, and educating users. It is everybody's job - not just that of IT professionals - to ensure that the company's core data stays safe," said Ryan Flores, Senior Manager, Future Threat Research, Trend Micro.
Additional insights from the report include confirmation of Trend Micro's late 2013 prediction that one sizable data breach would occur every month - further proof that organisations need to protect their networks and implement intrusion detection.
According to figures from the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), mobile devices and Internet applications have penetrated into different walks of life. Despite providing convenience to businesses and daily life, it has also created information security risks at the same time.
In fact, HKCERT has handled 3,443 security incidents in 2014, which was twice as many as in 2013. This increase is the result of HKCERT's enhanced efforts in proactive uncovering and handling 'invisible bot machine' cases. As such, mobile users should pay more attention to protecting themselves from mobile attacks.
"The past year was unprecedented in terms of the size and scope of cyber attacks as evidenced by the Sony situation. Unfortunately, this will most likely be only a 'sneak peek' of what is to come," said Flores.
Other key findings of the report include:
- No threat is too small. It does not take a sophisticated piece of malware to cripple a target. Attackers are using a simple wiper to breach company's defenses with devastating effect.
- PoS RAM scrapers came close to becoming a mainstream threat in 2014, as several high-profile targets lost millions of customer data records to attackers month after month.
- New attacks showed that no application was invulnerable in 2014 as attackers branched out into new territory.
- Online and mobile banking faced bigger security challenges and are proving that two-factor authentication is no longer enough to secure sensitive transactions.
- Ransomware became a bigger and more sophisticated threat across regions and segments. And, unlike older variants, it no longer just issues empty threats, but actually encrypts files.
Sign up for CIO Asia eNewsletters.