Q3 2018 Security Update: ISVs Must Focus on Small Business, Latest Cyberthreats

Information you need to keep your clients protected against current attacks

biometric-authentication

You may have the solution that can keep your clients safe from current cyberattacks and security risks. Here are current security challenges your clients are facing and some actions you can take to help them defend their businesses.

Protect Targeted Industries, SMBs

According to Symantec’s Monthly Threat Report, the email malware rate increased each month from the recent low of 1 in 786 in January to 1 in 443 emails in May. This is the highest rate since December 2017, when the email malware rate was 1 in 431.

All industries saw an increase in malware rates, with the greatest incidence in the mining sector, with malware in 1 in 224 emails. Trend Micro’s research into cyberattacks on the mining industry found these businesses are a target due to their position in the global supply chain and “know how to exploit the vulnerabilities that mining companies are exposed to due to heavy reliance on integrated and automated systems.”

Following the mining industry in rate of email malware attack are:

  • Public administration, 1 in 295 emails
  • Manufacturing 1 in 322 emails
  • Agriculture and forestry, 1 in 323 emails
  • Wholesale trade, 1 in 331 emails

Symantec’s security update also reports significantly higher rate of email malware attack on small business, an even higher rate than in our Q2 security update.  Companies with 1 to 250 employees had a malware rate of 1 in 307 emails (up from 1 in 372 in April) compared to 1 in 781 emails for companies with 1,001-1,500 employees.

Action Items
  • Provide solutions that help overcome human error, filter malicious emails, or prohibit opening specific file types without confirmation.
  • Assist your clients as they establish best practices for managing email and maintaining security.
Educate Yourself and Your Clients on Current Attack Strategies

McAfee Labs’ June Threats Report includes news that although PowerShell attacks have decreased significantly — by 77 percent in Q1 — malware attacks using LNK malware increased by 24 percent.  Also, new coin miner malware grew by 1,189 percent in Q1 (yes, we mean more than one-thousand percent). The Lazarus hacking operation is also active again, phishing to infect financial organization and bitcoin users with malware.

In addition, McAfee Labs uncovered “Operation GhostSecret,” a global reconnaissance campaign that uses multiple implants and malware associated with the Hidden Cobra group. McAfee Labs reports similarities with the 2014 Sony Pictures attack and has targeted the financial sector as well as other industries including entertainment and healthcare.

Action Items
  • Ensure your clients have appropriate security solutions in place.
  • See Analyzing Operation GhostSecret for details on this threat in this quarter’s security update.
EMV Reduces Counterfeit Card Fraud

Visa reports that from December 2015 to December 2017, counterfeit card fraud has taken a dramatic, 76-percent downturn among merchants equipped to accept EMV chip cards. Visa also reports that as of March 2018, more than 2.9 million merchants (63% of U.S. storefronts) are now equipped to accept chip cards — a 626 percent increase since the EMV migration began on October 1, 2015. In addition, EMV cards accounted for 97 percent of overall U.S. payment volume in March.

Action Items
  • If you have clients that still do not accept EMV chip card payments, help them avoid becoming targets for fraud and incurring costly chargebacks by helping them upgrade now.
  • Take the role of trusted advisor to assist your clients with a security update that includes encryption, tokenization, and network security including an enterprise firewall.
Be Alert to Changes on the Legislative Horizon

Politico reports the Department of Justice is set to release a report on how its agencies will approach cyber threats. The department could possibly release the report at the Aspen Security Forum on July 19.

For more security updates and insights, visit DevPro Journal’s Security resources page.