Want to stop the phishers? Encryption and education is key

Targeted attacks are on the rise, which means it's no longer enough to simply batten down the hatches and hope for the best.
Written by Sam Shead, Contributor

Enterprises need to tighten up security and better educate their staff if they are to protect themselves from waves of targeted attacks on their systems.

According to research carried out by analyst firm Quocirca on behalf of security company Trend Micro, three-quarters of the 300 businesses surveyed in the UK, France and Germany said they had suffered a targeted attack on their network.

But more than half of the the CISOs, IT security directors and senior managers interviewed said they are deploying tools to prevent hackers making these attacks.

Three-quarters of respondents said targeted attacks were a concern to them, and of those one-third said that targeted attacks had already resulted in their organisation losing financial data, business data, personal data or intellectual property.

Trend Micro's VP of security research Rik Ferguson said such attacks usually start off with 'spear phishing' email, which will address someone by name.

"It will probably appear to come from someone you know and it will probably reference real events that have happened because they've done their research on you," he told ZDNet.

The carefully thought out emails will usually contain links or attachments that can compromise PCs if they are opened, according to Ferguson.

"Build a strong perimeter around every individual machine in your network instead of relying on the perimeter of the network itself" — Rik Ferguson

The change in the nature of attacks means that enterprises should reconsider their security strategy, said Ferguson. 

Businesses now need to work on the assumption that they will be attacked, said Ferguson. "Build a strong perimeter around every individual machine in your network instead of relying on the perimeter of the network itself," said Ferguson. He also argued that data should be encrypted and administrators need to audit and control access to that data. 

Advanced technology like automated file sandboxing, network-based threat analysis, deep packet inspection and file integrity monitoring can also be used in the enterprise to tackle targeted attacks. 

Education, education, education

However, deploying new and potentially expensive technologies isn't the only way to protect an enterprise.

Quocirca analyst Bob Tarzey told ZDNet that businesses can also keep themselves safe by providing on-going education to their workforce.

Tarzey believes that staff need to be educated on where threats enter the enterprise. "Threats obviously come from email but it's also via social media and use of mobile devices," he said. 

Tarzey also suggested that employees should be made aware if their organisation does not want them to use personal channels for company business or social media for certain things. 

"That said, employees will act in a dumb way and on some occasions will be cleverly duped – so technology needs to be there to help them avoid that whenever possible," added Tarzey.  

Editorial standards