Story image

Top security threats for ANZ organisations in 2015

29 Jan 2015

According to Check Point Software Technologies, in 2015 it's imperative for ANZ organisations to protect against zero day malware as well as safeguard SDN, mobile users and IP appliances.

In 2014, IT security was all about the ‘breach’ with one attack after another and 2015 will bring a raft of security dilemmas, says Kurt Hansen, Check Point Software Technologies managing director Australia and New Zealand.

Hansen says, “While IT professionals won’t see an end to security threats it’s also important to remember that every organisation, large and small, can find the right tools and expertise to stay safe.”

Safeguarding SDN is one way organisations can boost security, according to Check Point.

SDN can boost security by routing traffic through a gateway and IPS, thereby reprogramming and restructuring a network suffering a DDoS attack, and it can automatically quarantine any infected endpoints or networks, says Check Point

However, security must be designed into the SDN concept, and because SDN is being increasingly adopted in data centres, targeted attacks will try to exploit SDN controllers to bypass network defences, says the security vendor.

In order to stay secure, organisations need to have measures in place that will block zero day malware, Check Point says.

In 2014, over a third of organisations downloaded at least one file infected with unknown malware, due to obfuscation tools that help attacks slip past even sophisticated solutions, says Check Point.

Of those downloaded, 73% had existing bot infections, with 77% infections active for more than four weeks.

Check Point says this is a disturbing length of time given that the average bot attempts to communicate with its command and control centre every three minutes.

Last year was also when open source vulnerabilities like Heartbleed and Poodle affected nearly every IT operation in the world.

“While organisations may not be able to anticipate the next massive vulnerability, they should understand that flaws in open-source and commonly used platforms offer hackers rich opportunities,” says Check Point.

As mobility gains momentum, organisations need to assess security measures, Check Point says.

According to the security vendor’s global survey of more than 700 businesses, 42% had suffered mobile security incidents costing more than US$250,000 (NZ$335,830) to remediate, and 82% expected incidents to rise during 2015.

Considering the direct access to assets like passwords, email, documents and company networks and applications, smart security practitioners will make mobile security a top priority, says Check Point.

Mobile payment security must also be a priority in 2015, according to the vendor.

Some mobile payment solutions like Apple Pay, Google Wallet and PayPal offer multiple layers of security involving tokenisation and encryption.

However, not all of these systems have been thoroughly tested to withstand real-world threats, and therefore it’s predicted that attackers will be searching out vulnerabilities to exploit, says Check Point.

Another trend that will bring security issues is the Internet of Things. These IP-based appliances often provide criminals with unsecured networks, says Check Point, and organisations should consider the security implications of wearable tech and companion devices that connect to tablets and smartphones.

On top of this, critical infrastructure will be under attack this year, with nearly 70% of critical infrastructure companies surveyed by the Ponemon Institute suffering a security breach over the last year.

Check Point expects more cyberattacks on public utilities and key industrial processes in 2015, namely through malware that targets the SCADA systems that control those processes.

Hansen says it is possible to stay ahead of these potential threats and breaches.

“The evidence is clear: criminals are everywhere, relentless and are evolving but by implementing a multi-layer threat prevention, leveraging a robust threat intelligence network for real-time prevention, and gaining greater visibility through security management, organisations can ensure they are best protected against any potential vulnerability in 2015,” he says.

Opinion: How SD-WAN changes the game for 5G networks
5G/SD-WAN mobile edge computing and network slicing will enable and drive innovative NFV services, according to Kelly Ahuja, CEO, Versa Networks
TYAN unveils new inference-optimised GPU platforms with NVIDIA T4 accelerators
“TYAN servers with NVIDIA T4 GPUs are designed to excel at all accelerated workloads, including machine learning, deep learning, and virtual desktops.”
AMD delivers data center grunt for Google's new game streaming platform
'By combining our gaming DNA and data center technology leadership with a long-standing commitment to open platforms, AMD provides unique technologies and expertise to enable world-class cloud gaming experiences."
Inspur announces AI edge computing server with NVIDIA GPUs
“The dynamic nature and rapid expansion of AI workloads require an adaptive and optimised set of hardware, software and services for developers to utilise as they build their own solutions."
Norwegian aluminium manufacturer hit hard by LockerGoga ransomware attack
“IT systems in most business areas are impacted and Hydro is switching to manual operations as far as possible.”
HPE launches 'right mix' hybrid cloud assessment tool
HPE has launched an ‘industry-first assessment software’ to help businesses work out the right mix of hybrid cloud for their needs.
ADLINK and Charles announce multi-access pole-mounted edge AI solution
The new solution is a compact low profile pole or wall mountable unit based on an integration of ADLINK’s latest AI Edge Server MECS-7210 and Charles’ SC102 Micro Edge Enclosure. 
How Dell EMC and NVIDIA aim to simplify the AI data centre
Businesses are realising they need AI at scale, and so enterprise IT teams are increasingly inserting themselves into their company’s AI agenda.