What every CSO must know about preventing online fraud and cybercrime
Headquartered in South Korea and with US HQ in San Francisco, AhnLab Inc. (KRX:053800) develops industry-leading security solutions and provides professional services that are designed to secure and protect critical business and personal information. As a leading innovator in the information security arena for more than 20 years, AhnLab's cutting edge products and services fulfill the stringent security requirements of both enterprises and individual users. AhnLab is the largest software vendor in South Korea.
Rake Narang: Why are consumers still susceptible to online fraud?
Brian Laing: I think the biggest reasons that both consumers and enterprise users are still susceptible to a number of attacks are overall education and lack of understanding. Spear phishing has been the initial infection vector in many of the publicly disclosed attacks: Users receive an email and think that because it has their friend’s or workmate’s name as its source, and it references them directly, that the email must be true. They don’t understand how their friend’s or fellow employee’s account can be hacked and used to send out attack messages. Psychological motivation is also used to infect machines. Users enter basic personal information such as name, address and phone to collect their winnings after receiving an email informing them they’ve won a prize. These attacks are only successful when the user clicks on the link or opens an attachment. Online fraud is not just achieved via email. Cyber criminals are skillful at creating fraudulent web pages that imitate legitimate businesses but actually serve as a tool to collect users’ personal information. With the right education and supporting technologies in place many of these attacks can be avoided.
About Brian Laing
With a distinct mixture of technology, business, and creative expertise, Brian Laing brings 15 years of creative and technical leadership and business vision to AhnLab. Companies have benefited not only from his “big picture” vision, but also from his understanding of the interconnected pathways that accompany it. Brian co-founded RedSeal Systems (raising over $31 million in funding), where he conceived the overall design, the features of the product, and was granted two patents. Prior to co-founding RedSeal Systems, he was founder and CEO of self-funded Blade Software, which released the industry’s first commercial IPS/FW testing tool.
Rake Narang: What are some of the most common but critical mistakes still happening in consumer security?
Brian Laing: Complexity! The overall threat landscape and their solutions is enormous, and users do not understand either one. The developers of security products and security settings do not help. Simply look at Facebook’s privacy settings. How can an average user understand what they want their settings to be, or more importantly, what the settings should be? Users need very simple and clearly defined goals.
Not only are the current security solutions complex, but also many users are unaware that they need them, or even more frightening, that they exist at all. Users were more educated in the early 1990s on the need for some of these solutions since they had to use applications like Norton to keep their systems optimized. Many of the original basic features of these utility packs are now built into Windows. Users have gradually moved further and further away from any understanding of their base system. Typically, the user only learns of security features when the supplied solution that came with their new computer expires and they need to renew their subscription.
Rake Narang: How has cybercrime evolved over the years and will it ever end?
Brian Laing: When graffiti first made its entrance into the public domain it was spray-painted on the sides of subway trains and walls as a new form of artistic expression. It has became so popular that today people pay for graffiti art and an anonymous graffitist is one of the most sought-after artists. Graffiti has spawned tagging, where users simply spray paint their name multiple times and with no artistic merit on the side of overpasses and fences, etc. Cybercrime has taken a similar evolution. The early days of cybercrime were primarily focused on primitive and simple disruption. Attacks rarely had a specific target and were not financially motivated. Now that the main motivator is financial gain attackers are well paid to collect data or to disrupt a specific target.
What we are seeing now is only the start. Cybercrime is becoming organized, and with that comes additional financial gain, which attracts new cybercriminals. These groups are highly focused in their targeting of data. In 2012, we witnessed a number of attacks only targeting blueprint documents in South America. This type of pinpoint focus does not suggest the problem is going away anytime soon.
Rake Narang: What can CSOs do to prevent their business networks from online fraud and cybercrime?
Brian Laing: How do you know you’ve been hit by a targeted attack? In most instances, you don’t—and that’s the point. Organizations are experiencing an increasing number of malicious events and incidents that bypass and penetrate traditional security infrastructures and infect targeted systems. Traditional security solutions such as firewalls, antivirus, intrusion prevention systems and web filters, while extremely useful and valuable for their intended purposes, are all but blind to these new types of advanced and sophisticated threats. It takes a different approach to identify targeted attacks inside an organization.
Security has always been about layering protection using security products from multiple vendors. Best-of-breed solutions at the network perimeter, server/DNS layer and endpoints all have their own strengths, but also have their own limitations. As a result, defense-in-depth strategies often intentionally overlap capabilities between solutions. The result is a more complete shield. Add to this a comprehensive user education program and you increase the difficulty of an attacker breaching your network. With attackers using multiple zero-day attacks, you can never remove this risk. You can only minimize it and limit collateral damage.
2318 Walsh Ave Suite D Santa Clara, California 95051U.S.A.
Founded in: 1995 CEO: Philip Kim Public or Private: Public Head Office in Country: South Korea Products: AhnLab’s products and services include APT protection, anti-virus solutions, network, mobile and online game security, security management and consulting services. Today, AhnLab boasts a network of sales and research operations in more than 20 countries worldwide. Company's Goals: South Korea’s largest software company, AhnLab recently expanded its global footprint by establishing its U.S. headquarters in San Francisco. As a leading innovator in the information security arena for more than 20 years, AhnLab will now bring its cutting edge products and services to the US market, fulfilling the stringent security requirements of both enterprises and individual users.
JOIN NOW THE CYBER SECURITY WORLDWIDE COMMUNITY ON LINKEDIN