Information Security

Defending the digital infrastructure

In This Issue

iSTOCK/GETTY IMAGES

Manage

Beyond the Page: Advanced Persistent Threats, Ransomware and More

The era of mobile, cloud and the Internet of Things is also an era of advanced persistent threats, ransomware and more. Here's how to stay secure.

Johannes Ullrich

By

Johannes Ullrich, SANS Technology Institute

Having better security than your neighbors may not be enough anymore as malicious actors move beyond “spray and pray” tactics to advanced persistent threats aimed at specific organizations and industries. Targeted attacks, as the Sony incident illustrated, are often for financial gain through extortion and threats to expose or delete sensitive data. This Beyond the Page outlines the top threats in 2015, from the invasion of digital things and undetected data loss to advanced DDoS attacks and crypto ransomware. We cover countermeasures to help organizations defend against evolving attack techniques and detect intrusions faster to minimize the damage.

Feature

Defending against the digital invasion

The confluence of the Internet of Things and BYOD may turn into a beachhead that attackers can use to completely compromise your network.

Continue reading

Video

Internet of Things devices and crypto ransomware at work

The next wave of cyberthreats will combine two trends in new ways, says SANS' Johannes B. Ullrich, head of the Internet Storm Center. In this video, he explains the threats and countermeasures for the Internet of Things devices and enterprise crypto ransomware.

Tech tip

Network-based controls: Securing the Internet of things

Securing the Internet of Things is challenging for enterprises. Here's a list of controls that you should already have implemented in your network.

Continue reading

Read the full April edition of Information Security magazine

Article 4 of 7Next Article

This was last published in April 2015

Dig Deeper on Emerging cyberattacks and threats

Start the conversation

Send me notifications when other members comment.

Get More Information Security

Access to all of our back issues View All

E-Zine | Oct 2003

Chain of command: Inside Prudential's security management program

E-Zine | Feb 2006

Best-of-breed: Security Products of the Year: 2006

E-Zine | Aug 2008

Everything you need to know about today's information security trends

E-Zine | Dec 2009

Step-by-step guide to avoiding basic database security risks

E-Zine | Nov 2011

Effectively navigating the security risk assessment process
E-Zine | Mar 2011

Best practices for securing virtual machines

E-Zine | Oct 2015

Emerging security threats from every which way
E-Zine | Sep 2015

Five ways CIOs build hybrid cloud security
E-Zine | Aug 2015

Is third-party vendor management the next IAM frontier?
E-Zine | Jul 2015

Insider Edition: Advanced security monitoring scrubs networks clean

E-Zine | Dec 2016

Dedicated CISO job still open to debate
E-Zine | Nov 2016

Insider Edition: Improved threat detection and incident response
E-Zine | Oct 2016

Identity of things moves beyond manufacturing
E-Zine | Sep 2016

Cloud governance model still behind services

E-Zine | Dec 2017

Will it last? The marriage between UBA tools and SIEM
E-Zine | Nov 2017

Next-gen SOC: What's on your automation roadmap?
E-Zine | Oct 2017

What does a CISO do now? It's a changing, increasingly vital role
E-Zine | Oct 2017

Growing data protection risks and how to manage them

E-Zine | Dec 2018

Allure of the threat hunter draws companies large and small
E-Zine | Oct 2018

User behavior analytics tackles cloud, hybrid environments
E-Zine | Aug 2018

Security data scientists on how to make your data useful
E-Zine | Jun 2018

CISOs face the IoT security risks of stranger things

E-Zine | Nov 2019

AI threats, understaffed defenses and other cyber nightmares
E-Zine | Aug 2019

Managing identity and access well unlocks strong security
E-Zine | May 2019

Conquering cloud security threats with awareness and tools
E-Zine | Feb 2019

CISOs build cybersecurity business case amid attack onslaught

E-Zine | May 2020

Why CISOs need advanced network security strategies now
E-Zine | Feb 2020

Getting the most from cyberthreat intelligence services

-ADS BY GOOGLE

SearchCloudSecurity

Privacy-preserving machine learning assuages infosec fears

Implementing privacy-preserving machine learning controls, such as federated learning and homomorphic encryption, can address top...
How Azure, AWS, Google handle data destruction in the cloud

Data destruction is a topic that has been poorly covered until recently. Regardless of which cloud service provider you use, this...
Multi-cloud security strategies rely on visibility, uniformity

More companies are instituting a multi-cloud strategy that creates unforeseen security challenges. In this tip, get answers to ...

SearchNetworking

Evolution of WLAN technology improves data rates, security

WLAN technology has evolved dramatically -- most notably, in terms of network speeds and security. Innovations in Wi-Fi 6 show ...
Future of wireless communications unifies 5G and Wi-Fi 6

The future of cellular, Wi-Fi and other wireless communication networks will see these technologies unify to support faster ...
SASE market emerges as the 'wave of the future'

Secure Access Service Edge is the latest technology to garner industry buzz in networking and security. Although it's still ...

SearchCIO

Dell, PwC, Peapod accelerate digital transformation initiatives

Several organizations have made the decision to continue with digital transformation efforts during the pandemic to better ...
4 ways CIOs can drive IT cost savings during the pandemic

Here are four ways to drive tech savings amid the COVID-19 pandemic that can both yield quick wins and position organizations to ...
Post COVID-19 strategies for CIOs on leading through crisis

To see their companies through the current crisis, CIOs should consider these five strategies focused around IT budgets, ...

SearchEnterpriseDesktop

Microsoft launches Windows File Recovery tool

Despite the prevalence of cloud storage and data backups, important files are still lost. Microsoft's Windows File Recovery tool ...
Citrix microapps look to ease office reopening

With new Workspace microapps, Citrix is looking to make it easier for offices to reopen. Company representatives said the tools ...
VMware Workspace One unifies reshaped digital workforces

As companies struggle to rebalance their on-site and remote digital workforces in the wake of COVID-19, Workspace One helps ...

SearchCloudComputing

Oracle Cloud at Customer adds Dedicated Regions

Oracle has added Dedicated Regions to its Cloud at Customer managed service. Now customers can consume all of Oracle's ...
How to evaluate cloud certification training

Cloud computing has changed the role of certifications. See why you're better served by breadth rather than depth of knowledge, ...
What's behind cloud providers' push for custom hardware?

The nature of the cloud market demands innovation, and custom hardware might be the next move for the major vendors in this space...

ComputerWeekly.com

Oracle ups ante in cloud wars with dedicated customer regions

Oracle’s Dedicated Region Cloud at Customer will let enterprises run an entire cloud region in their own datacentres in a ...
Pavilion adds object storage to NVMe Hyperparallel Flash Array

Pavilion responds to customer demand for object storage to support AI/ML, big data analytics workloads with multi-controller NMVe...
World’s first 5G eSIM service goes live

Virtual SIM card plan claims to offer pathway to connect users instantly to the world’s fastest mobile network in select ...

Close