The first half of this year saw a growing trend of organisational security attacks such as data breaches and distributed denial-of-service (DDoS) attacks. Furthermore, a series of vulnerabilities including mobile ransomwares and online banking malwares have also helped shaped the security trend.
This is according to recent findings of Trend Micro Incorporated's second quarter security roundup report titled Turning the Tables on Cybercrime: Responding to Evolving Cybercrime Tactics.
According to an Identity Theft Resource Centre (ITRC) study, more than 400 data breaches have been reported as of July 15, 2014, with majority of the breaches occurring in the business sector. The severity of these attacks intensified against financial and banking institutions as well as retail outlets.
Security attacks that involve consumer's personal information in H1 2014 include data theft of customer names, passwords, email addresses, home addresses, phone numbers, and birth dates. These types of personal privacy breaches have affected organisations' sales and earnings while leaving customers unable to access accounts and dealing with service disruption.
This strongly indicates the need for organisations to adopt a more strategic approach to safeguarding digital information. Raimund Genes, CTO of Trend Micro, suggested that the main solution to this problem is a change in mindset. Organisations need to first determine which information they regard as "core data", before focusing on how to strongly protect it.
"Organisations must treat information security as a primary component of a long-term business strategy rather than handling security issues as tertiary, minor setbacks," he said. "Similar to having a business strategy to improve efficiency, a well-thought-out security strategy should also improve current protection practices that achieve long-term benefits. The incidents observed during this quarter further establish the need for a more comprehensive approach to security."
Increase of attacks against businesses
Besides organisational data breaches, Trend Micro finds that there is also an increase in DDoS attacks. The company noted that DDoS attacks on source respository, Code Spaces, had the most severe impact as it forced the company to go out of business. The second quarter also saw DDoS attacks that targeted Rich Site Summary (RSS) and blog news reader, Feedly. The attack prevented its users from accessing their own information.
The data breaches and DDoS attacks recorded this quarter showed that an organisation-wide strategy is required if companies wish to survive their aftermath. In the report, Trend Micro advised companies to form an incident response team that can spearhead employee awareness programmes focusing on breach and DDoS attack prevention. It is also a good practice to inform customers how their data is protected. And should an incident occur, customers must be informed of remediation and mitigation efforts as well as future plans so concerned organisations can prevent a recurrence.
Sign up for CIO Asia eNewsletters.