Endpoints Are Now Being Used As The Channel For Malicious Cyber Attacks – Chuck Leaver

From The Desk Of Chuck Leaver CEO Ziften Technologies


With the introduction of bring your own device (BYOD) practices and cloud computing, securing individual endpoints has become more difficult, as administrators may be prioritizing ease of data access over security. The risks remain nevertheless, because most of the current generation of endpoint security software has not been updated to protect against aggressive hacking and destructive cyber attack strategies that use individual endpoints as the launch pad for widely distributed attacks.

A well-known endpoint attack involved a malware strain called Comfoo, which was used to compromise the networks of many multinational organizations back in 2010. The Comfoo malware included a variety of custom-developed backdoor Trojans and exploits that could constantly distribute malware. A more severe consequence was that this malware could cause destructive data leakage by scraping account and network information and monitoring all user input, according to CRN contributor Robert Westervelt. It is believed that the Comfoo malware could have been part of an innovative cyber espionage project, because of the methodology that was used and its evasion of conventional endpoint tracking.

The malware compromised targeted devices through e-mail phishing and social engineering, which underlines how ripe endpoints have become for malware infestation, according to security executive Jason O’Reilly. Speaking to ITWeb, O’Reilly stated that standard endpoint software most of the time does not sufficiently account for access from areas beyond the IT department, and that it does not use access controls to restrict data exposure to authorized individuals.

O’Reilly stated that “endpoint security services must provide layered security that goes beyond signature-based detection just to include heuristic-based detection and polymorphic-based detection.” He added, “Today’s networks are exposed to risks from various sources.”

Real Time Risk Catching And Report Creation

Business consulting firm Frost & Sullivan identified the high stakes for control techniques and endpoint security, observing that both areas are under pressure from external hackers and from employees' pressing demand for flexibility in device choice.

Chris Rodriguez, a Frost & Sullivan analyst, said that “enterprise IT organizations now deal with incredible pressure to enable employees to access the corporate network and files from their own individual devices.” He added, “Considering their relatively universal nature, fast data connections, and powerful hardware and OS, these devices represent prime targets for hackers.”

When asked what organizations can do to tighten up on the special weaknesses of mobile hardware, O’Reilly suggested that any solution needs to provide clear and extensive visibility into what is happening on each endpoint, so that action can be taken rapidly when any risks are detected.

