APT Threats and Targeted Attacks Are on the Rise
Known for its endpoint security solutions, Kaspersky has observed that as the number of technology platforms grows, threats such as malware and Advanced Persistent Threats (APTs) are increasingly being detected, and targeted attacks are on the rise.
“If we consider the threat landscape in India or across the world, we have seen from the number of samples that different kinds of platforms are coming in. First is IoT, different OS platforms like Mac etc. and mobile which is catching up. Now, what we have seen from the samples is that different kinds of malware are coming in and a lot of APT threats (Advanced Persistent Threats) which are coming out are targeted to a particular organization or a government organization etc. Now, we need to analyze them very minutely and it takes a lot of time to do that. So what we are seeing is one – the threats happening on multiple platforms going up. Second, APT threats accounts companies and targeted attacks that are happening are also on the rise. We also see new kinds of attacks like malware, these attacks which are coming in can impact without getting installed on the device itself,” feels Sidharth Mutreja.
Connected Devices & Protection
Talking about the risks associated with connected devices and the measures to take against such attacks, Sidharth explains, “First, it is an ecosystem, when you say connected devices, it could be an IoT device like consumer IoT, industrial IoT etc. When an IoT device connects, there are three stages to it - the sensor, the back end infrastructure that is the network which is used to connect and the cloud where the data goes to. So it's a complete ecosystem that you need to create. It is all about how the device collects the data, and how it sends the data. Even in consumer IoT, you can have multiple sensors connecting inside the house, whether it's a refrigerator, smart TV etc. So it is not about the data that is getting collected, it needs to be secure by design. Second, you need to also ensure that the data when it goes to the backend, getting analyzed, it should be protected.”
He further adds, “From a device perspective, you need to look at first, do you have default configurations on the device, wherever the device comes or ships out it should not have default configuration. Second, you should patch an update to that device itself. Third is that the communications that you do, for example, most of the times people give their email ids and numbers to various devices, and if those devices are there and if you're not using them then just don't have it because it can be listening devices.
“So these are some suggestions, right from patching it up to ensuring the communications, default configurations, the protocols that they are following, and ensuring that at least these things are also updated to the latest. Finally, you should check the vendor and where you are buying the device from.”
Latest Technologies to Serve Better
Kaspersky has evolved over time and offers solutions that not only cover IoT but also identify APTs. It also has solutions that detect attacks happening within the network infrastructure.
“We have been known for endpoint security for a large period of time. But we have evolved over time, for example, we have solutions where we look for not only IoT, but also detect APTs. We have an anti-targeted attack platform, which is able to detect attacks that are happening within the network infrastructure and then detecting those on the basis of a number of technologies, for example machine learning models, behavioural analytics, anomalies detection, then alerting and responding, maybe taking an action on endpoint. So we built multiple sets of these into not only the endpoint technology but for a datacenter or industrial IoT etc. So for specific verticals we have a lot of solutions,” says Sidharth.
Further elaborating on the latest technologies incorporated in the solutions, he says, “So the technologies that are coming up, we are adding the features into the products itself like in anti-targeted attack platform or endpoint security, we built Advanced Exploit Prevention, machine learning models and we also have a bit of behaviour anomaly detection. So we've already taken these new features, new technologies and built them into existing as well as advancing the product lines. For example, we have come up with areas for IoT, how do we do assessment of IoT, we are also looking at how do we protect industrial IoT or manufacturing sector, which has fixed processes, we are building solutions and technologies within that also.”