Microsoft Exclusive: The war against cybercrime – which side is your business on?

Dr Dzahar Mansor, National Technology Officer, Microsoft Malaysia | Feb. 17, 2015
Microsoft Malaysia's Dr Dzahar Mansor asks businesses in Asia to take stock of their position in the cybercrime war.


This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

When we talk about cybercrime, we're talking about any type of crime that is committed online. It's also evolving and becoming highly sophisticated by the day. Cybercriminals today are clever, well-funded and know how to exploit the weak points in our "always-connected" digital world.

As more and more businesses, institutions and consumers connect online, the Internet has become a highly lucrative market to exploit and make illegal money. No industry or sector has been spared, and at the end of the day, everyone, whether knowingly or not, is vulnerable. As a case in point, a global economic crime survey conducted by PricewaterhouseCoopers in 2014 notes that one in three survey respondents in 15 different industries said that they had experienced cybercrime. In 2011, it was one in 20. In terms of financial losses, almost 10 percent of these respondents experienced losses of more than US$1 million in the last 24 months.

The unpredictable nature of malware and the devastating effects to businesses
Besides financial losses, cybercrime poses grave risks to computer owners, businesses and general Internet users. These include bank fraud, identity theft, critical infrastructure and denial of service attacks, intellectual property theft and much more.

Despite these risks, many businesses wind up paying a hefty price for not addressing these threats in a holistic manner, which could have a detrimental effect on people, technology, and governance.

In fact, a recent joint study by the National University of Singapore and IDC estimated that in 2014, a whopping US$315 billion will have been spent by enterprises as the result of the activity of criminal organisations. Moreover, because of its large installed base of PCs and high piracy rate, the Asia-Pacific region will incur more than 45 percent of enterprise losses from malware on pirated software.

Malware, defined as programs that perform unwanted actions on a computer, has the ability to cause catastrophic losses. This isn't just limited to financial losses: an organisation can be easily crippled by compromised trade secrets and security breaches, all of which are opportunity costs to these establishments.

Malware can contain keystroke logger functionality or other similar capabilities that record account credentials as they are entered, which can then be uploaded to sites on the Internet where criminals retrieve the captured information. In many cases, malware can also be installed on a victim's computer without their knowledge when they visit a malicious website that exploits an unpatched vulnerability in the user's browser, operating system, or applications.

According to Microsoft's most recent Security Intelligence Report, the malware threat landscape has become extremely unpredictable, resulting in a 5.6 percent increase in encounter rates, quarter over quarter (1st quarter of 2014 to 2nd quarter of 2014) to 35.4 percent in Malaysia alone.

The report also elaborates how the appearance of two new threats (Win32/Rotbrow and Win32/Brantall) and the reappearance of an older trojan (Win32/Sefnit) had a significant effect on worldwide infection rates.

After detection of these malware families declined to low levels at the end of 2013, Sefnit suddenly reappeared in high volume in 2014, once again by misusing commercial software as a stealth distribution method for malware without being detected by major security software vendors, and once again having an outsized effect on infection rates.

The vulnerability behind vulnerabilities
This means that even the older and more familiar threats can resurface and cause harm, notwithstanding the latest threats that are introduced daily.

This deadly combination makes unpatched or unsupported software or operating systems extremely vulnerable to being exploited. Malware can also penetrate and infect an organisation through vulnerabilities in browsers or applications, according to Microsoft's Security Intelligence Report.

Many cyber security experts have also underscored the fact that an organisation is only as secure as its weakest component - which means that one compromised machine is all that's needed to jeopardize the entire organisation. Some of the worst vulnerabilities allow attackers to exploit the compromised system by causing it to run malicious code without the user's knowledge, compromising the integrity, availability or confidentiality of the software. 

Gartner underscored this by stating that vulnerabilities can occur at a moment's notice and cause extended or permanent shutdown of services, and that the severity of the situation is compounded because non-IT personnel often believe that IT can correct any service problem in a reasonable time.

Unfortunately, these unwanted situations can arise where no amount of time, ingenuity or money can restore safe and correct operation. To avoid undesired situations arising from vulnerabilities, Gartner recommends that business decision makers clearly understand the scenarios that lead to impactful shutdowns of service, primarily caused by post-support scenarios, and the options they have to mitigate these business risks, which include migration. Its perspective is one of prevention, citing that there is no certainty or advance timetable for when post-support software may be attacked.

The false assurance of security software
Some organisations and businesses will argue that they're safe from cybercrime because they have adopted some form of security software. However, this claim is not entirely true. Microsoft's Security Intelligence Report explains the challenges of using expired security software.

For instance, users can opt to use a number of popular real-time security products offered in "trial" versions, which include updates for a limited period, but require a paid subscription to receive updates after the trial period ends. However, computers with expired security software are four times as likely to be infected with malware as computers with enabled and up-to-date security software, while computers with out-of-date security software were 3.4 times as likely to be compromised, according to the Security Intelligence Report.

Nonetheless, even if all anti-virus software is installed and up to date, the operating system must be updated as well. If not, the organisation still faces a high risk of its systems being compromised. In short, everything needs to be updated with the latest protection or security patches to minimize cyber security risks.

How to reduce cyber risks in your organisation
Cybercriminals use two basic strategies to penetrate your computer's defences and enlist computers in their botnets, networks of infected machines able to perform malicious, automated tasks over the Internet without your knowledge. The first is to install malware on a computer by taking advantage of unintended vulnerabilities in its software or by breaking into accounts guarded by weak passwords. The second is to trick you into installing their malware yourself.

To strengthen your organisation from cybercriminal attacks, it is advisable to take these steps:
1. Ensure migration of post-support software. End of support for outdated software, operating systems and applications exposes your establishment to cyber-attacks. Ensure a good migration strategy or other alternatives to mitigate risks.
2. Avoid the hidden cost of counterfeit software. When purchasing a new PC, always insist on installing a genuine copy of the operating system and avoid deals that seem "too good to be true."
3. Install antivirus and antispyware programs from a trusted source. Anti-malware programs scan and monitor your computer for known viruses and spyware. When they find something, they warn you and help you take action.
4. Keep all software up to date. Regularly install updates for all your software and subscribe to automatic updates wherever possible.
5. Use strong passwords and keep them secret.
6. Never turn off your firewall. A firewall puts a protective barrier between your computer and the Internet. Turning it off for even a minute increases the risk that your PC will be infected with malware.
7. Consider Cloud solutions as an economical, efficient and productive way to secure, access, protect and preserve your data from cybercrime, as your data is not stored on your device when using cloud solutions.

