Data vulnerability announcements have been rising steadily for both enterprise and government organisations for years. By some accounts, there are as many as 22,000 new malware threats unleashed per day.
Attackers are improving their exploitation tactics greatly, whether to display pop-up advertisements, install spyware to spy on users’ Web browsing habits, insert Trojans or, in this case, use cleverly crafted queries designed to steal passwords and log-in information.
Every day, more than 100,000 Web sites are running with the singular goal of spreading crime ware. These trends, plus vulnerable browsers, can cripple the effectiveness of information security efforts, as end points are compromised and the security of national systems and critical and sensitive information is placed in jeopardy.
It has been suggested that Ghost Shell accessed some sites by attacking the databases many companies use to catalogue and curate website content. To protect against these attacks, organisations must take into account the three core areas hackers can compromise online:
• Malicious People – the potentially dangerous people with whom users interact
• Malicious Places – the potentially dangerous destinations or URLs where users visit
• Malicious Things – the potentially dangerous objects/applications with which the user interacts
More than ever, security needs to be intelligent, scalable, and always available wherever end users happen to work, be it in the workplace, or on a laptop or mobile device. This comprehensive approach is the only way to stop malware, spyware, viruses, malicious content, and other threats in order to prevent these kinds of hacking attacks. There is a gaping hole in today’s approach to security, and organisations are not doing enough to keep data safe. The hackers have taken notice and shifted their attack mechanisms to bypass traditional security measures, and the security industry as a whole must do the same.