“Threat-hunting” teams are being called upon to combat cyber crime

Posted: 8 June 2018 2:09 pm
News

Businesses need a more proactive approach to security in order to combat the ever-evolving cybercriminal.

Cybercriminals are no longer interested in just a quick heist, they have their eyes set on a full-scale invasion of financial institutions' infrastructure, according to new research from US-based cybersecurity firm Carbon Black.

While a majority of attacks in the past year were one-off instances of ransomware, almost one in ten involved more sinister attacks in which attackers gained access to secondary "command and control centres", allowing them to dwell much longer in the businesses' networked environments.

"From application attacks to fileless malware, destructive attacks enable cybercriminals to move freely and laterally within an organisation’s network – and they often go completely overlooked until it’s too late," chief cybersecurity officer Tom Kellerman said in a statement.

To make matters worse, one in four financial firms say cybercriminals are countering their defences in real time.

That's because business' defences are usually automated, which is no match for the nimble attackers whose skills are always evolving.

So what is the answer? Carbon Black says the solution to this is for financial firms and other businesses to create "threat-hunting" teams that are just as nimble as the attackers.

These are security teams whose job it is to proactively track down signs of intrusion rather than wait for technology to do the job for them.

"Cyber defence is evolving into a high-stakes game of digital chess, and this latest report offers clear evidence that the cybersecurity challenges facing financial institutions will only worsen. Taking a more proactive approach to defence through the establishment of threat-hunting and incident-response teams is imperative to stopping future attacks," Kellerman said.

Aussie regulators also understand the ongoing threat. The Australian Prudential Regulation Authority (APRA) recently developed new measures to help financial firms avoid data breaches and respond more swiftly when they occur.

Firms themselves can go one step further by taking out cyber insurance, which will protect them from business losses due to cybercrime, as well as from potential lawsuits from clients whose data has been compromised.

This type of crime can have a major impact on Australian businesses. In just the first six weeks since the inception of its new Notifiable Data Breaches Scheme, the Office of the Australian Information Commissioner received 63 notifications from businesses whose customers' data was compromised due to cybercrime and other online vulnerabilities.

Business insurance feed

Picture: Shutterstock

Get more from Finder

Ask an Expert

You are about to post a question on finder.com.au:

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • finder.com.au is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our Terms of Use, Disclaimer & Privacy Policy and Privacy & Cookies Policy.
Ask a question
Go to site