lolloj - Fotolia
- Kathleen Richards, Information Security
The majority of threats enter enterprise networks through malware delivered via the internet, whether it's by email or malicious websites. How to stop the spread? Thirty years after the internet worm, dubbed the Morris worm after its creator, the security industry still hasn't figured it out.
In 2017, the speed of infection in global malware attacks WannaCry ransomware, Petya and its variants wreaked havoc -- on the bottomline.
Denmark-based oil and shipping giant, A.P. Moller-Maersk, reported an estimated $200 million to $300 million dollar loss in Q2, stemming from a NotPetya malware attack on June 27, which caused a temporary shutdown of critical systems associated with its container shipping business. The business disruption, which negatively affected loading volumes, lasted for several weeks. The attack did not result in a data breach or loss of third party data, according to the company. Maersk expects the majority of the financial impact from the cyberattack to show up in its Q3 results because of lost revenue in July.
FedEx Corp.’s TNT Express subsidiary, acquired in May 2016, also experienced service disruptions worldwide, which the company attributed to the information systems infected by the Petya virus in June 2017. By mid-July, TNT Express was still using manual operations for some processes and reporting service slowdowns. FedEx warned investors that the cyberattack may have material impact on its financial reporting.
In what threatens to become an unpleasant trend, uninsured disruptions and other business fallout from these attacks are increasingly cited as key factors in disappointing earnings reports. Cybersecurity is becoming a ratings boon for CNBC and other media outlets that report on stock markets and financials.
More than a few security professionals are feeling the heat, however, as the industry is forced to take a closer look at the up-leveling of age-old deployment methods, like spear-phishing emails and internet worms, which don't require human interaction to spread.
What else could go wrong? Plenty. With HTTPS deployments on the rise, researchers from top universities and technology companies like Google have joined forces to document growing concerns about the risks associated with traditional man-in-the-middle defenses using Transport Layer Security (TLS) interception.
In this issue of Information Security, we look at the difficulties of implementing TLS properly and the security of those connections after the U.S. Computer Emergency Readiness Team and others sounded the alarm on the increasing use of TLS interception to gain visibility into network traffic. We also revisit the long and twisted journey of computer and internet worms, and their use in advanced persistent threats, including government-sponsored attacks. Where does the security industry -- and global malware -- go from here? Many people are asking that same question.
Should you report ransomware attacks to the FBI?
How threat intelligence can help prevent attacks
Increase employee awareness of ransomware