Η Kaspersky Lab organized the “Cyber Security Weekend” conference in Warsaw (27-30 November 2014), which focused on the latest trends in digital crime and how European businesses can respond to cyber security threats. In this context, experts from Kaspersky Lab's Global Research and Analysis Group and an expert from Europol made presentations on the above themeτα, παρουσία εκπροσώπων από 15 χώρες.
"As an international company, Kaspersky Lab has a broad understanding of the security landscape in the IT sector. We are always very happy to share our experience of digital threats and the protection of individual and corporate assets, said Marco Preuss, Director of Kaspersky Lab's Worldwide Research and Analysis Group for Europe. «Μεταξύ των θεμάτων που συζητήθηκαν ήταν και η ασφάλεια των μικρομεσαίων επιχειρήσεων. Παρά το μέγεθος τους, οι επιχειρήσεις αυτές χρειάζονται προστασία για τα σημαντικά τους data, ακριβώς όπως και οι μεγαλύτερες εταιρείες, ενώ μπορούν εύκολα να πέσουν θύματα των κυβερνοεγκληματιών, οπότε ελπίζουμε ότι η γνώση μας μπορεί να φανεί χρήσιμη γι' αυτές», he added.
Οι ομιλητές της Kaspersky Lab, Marco Preuss και Sergey Lozhkin, Senior Security Researcher της Παγκόσμιας Ομάδας Έρευνας και Ανάλυσης, μίλησαν για the most alarming security incidents of 2014 and presented their forecasts for 2015. They conducted an overview of the Persistent Threats (APT) threats found in 2014, such as Epic Turla, Crouching Yeti, Regin and Dark Hotel, which was recently discovered.
They also focused on malware hazards such as Trojan banking, ransomware and fast-moving mobile threats, as well as the "businesses" running digital criminals during major events (eg the Olympic Games or the Football World Cup).
Also, the company's experts presented the landscape of threats in Europe for 2014, based on Kaspersky Security Network data resulting from Internet and local threats (such as spreading threats on local networks or through USB, CD, DVD). These numbers vary greatly from country to country.
Between predictions of future threats, experts discussed the possibility that large-scale digital threats might be "shared" in smaller and independent groups. This could lead to a broader attack base, with more diversified attacks coming from more sources. The company's experts believe that 2015 will bring more attacks on ATMs and payment systems and more incidents of targeted attacks against banks. It is also estimated that more incidents will occur that will endanger the Internet of Things as well as dangerous attacks against Internet infrastructures, which will exploit vulnerabilities in old source codes.
Also invited to the event was Javier Egea, a member of Europol's European Center for Digital Crimes, who spoke about the organization's goals, functions and solutions. He also presented the different types of digital threats and referred to the recent joint campaign with Kaspersky Lab to deal with the criminals behind Shylock malware. In this context, it highlighted its importance cooperation between the private and public sectors against digital crime.
"Nowadays, digital crime has crossed the geographical borders. Our work extends across Europe. But in order to successfully deal with existing criminal organizations, there should be joint efforts by organizations such as our own, law enforcement and the private sector, including businesses that face threats and are ready to denounce them, "he said.
The issue of finding solutions for threats facing businesses - in particular small and medium-sized enterprises - was presented by Kaspersky Lab's Senior Product Marketing Manager, Kaspersky Lab's Senior Product Marketing Manager Olga Orlova, in collaboration with Marco Preuss and Stefan Tanase, Senior Security Researcher of Kaspersky Lab's Worldwide Research and Analysis Group. According to Global Corporate IT Security Risks 2014”, which was conducted by B2B International and Kaspersky Lab, 61% of respondents reported that they had experienced problems with viruses, worms, Trojans and other types of malware. Meanwhile, according to company representatives from around the world, the average cost of a data security incident was $720.000 for a large company.
To avoid becoming a victim of digital crime, businesses are encouraged to use effective and comprehensive security solutions that meet their needs and enable them to easily manage their IT infrastructure. Like Kaspersky Endpoint Security for Business, these solutions should include auto-prevention technology for exploits that offer security against zero-day threats used by APT threats, phishing websites, and more. Encryption technology can also help in many cases, such as the transfer of sensitive data through cloud services or their protection even if a device is stolen or lost. In addition, it is recommended to use portable device management tools, as more and more are connected to business networks. These and other important technologies should be combined with credible security policies for workers, who are often the weakest links in the security chain.
Protecting the activities of small businesses was a special theme of this year's event. Small businesses often believe that digital criminals don't care about them, mistakenly assuming that fraudsters are after larger and more affluent organizations. However, this complacency gives digital criminals a significant opportunity for easy profit.
This careless attitude can cost them a lot. The data of the research “Global Corporate IT Security Risks 2014” showed that the global average cost of a security incident for a small and medium-sized business can reach $47.000. In Western Europe, this amount is $55.000. This cost includes the loss of business opportunities, the hiring of an external IT partner to correct the problem and – possibly – the purchase of new equipment. The costs are not only financial. 57% of data loss incidents had a negative impact on the overall operation of the business. Also, over half of data loss incidents (56%) have a negative impact on a company's reputation and credibility.
The key to protecting SMEs is to properly shape their security priorities. A small business does not have to start investing in things like data loss prevention or a specialized management console. They can therefore focus on security issues that are critical to themselves or to their industry as a whole, choosing security solutions that can be extended as long as their activities are developed. For starters, a small business needs the basic protection provided by an anti-malware and a firewall. As soon as these businesses become operational and begin to process orders, they need data encryption technology to protect their payment details or information about their customers. If you start hiring out-of-office workers, then it is advisable to adopt a basic mobile security solution.
To protect themselves, SMBs often struggle to choose between consumer software or enterprise solutions. However, some lack basic features, while others are overly complex and expensive. This can lead to wasting time and money and ultimately adopting a solution that does not meet their needs. Therefore, it is preferable to choose a solution tailored to their needs, such as Kaspersky Small Office Security, which will protect their financial transactions, will be easy to use and include critical solutions such as file encryption and server file protection.
