A new managed security monitoring service from EMC Corp. addresses the mounting risks to enterprises as cybercriminals are increasingly designing ways to use the corporate data they come across during consumer-oriented attacks, said one executive.
The Hopkinton, Mass.-based information management vendor announced RSA Cybercrime Intelligence Service this week, designed to let IT administrators and security professionals identify machines, information assets and user identities that have been compromised by cyberattackers and adjust security controls accordingly.
Sean Brady, senior manager for identity protection and verification at RSA, said enterprises are at risk of cybercriminals leveraging data stolen while targeting consumer data like credit card and banking information.
“Our belief is that this year and moving forward, (cybercriminals) will begin to notice this data and figure out how to monetize or otherwise use it in some fashion,” said Brady.
But as of yet, Brady said he hasn’t observed such cybercriminals actively using enterprise data.
Another reason for offering the service, said Brady, is the lack of awareness of external security threats to the enterprise security professionals. “But we found that nobody was really talking about it or making it personal to information security executives and saying this is how the problem impacts you,” said Brady.
Recent research by the RSA Anti-Fraud Command Center shows the networks of Fortune 500 companies have suffered a large number of attacks. Specifically, 88 per cent of organizations reported their systems had been compromised by infected machines, of which 60 per cent had e-mail account information stolen.
Earlier this year, Google Inc. disclosed that its network had fallen victim to China-based cybercriminals who have traditionally been seen attacking non-corporate targets. It’s an admission by Google that has led some security experts to suspect that such highly skilled hacker groups have begun to broaden their target radius to corporate networks.
“If you have not yet identified systems within your enterprise that have been compromised through these advanced attacks, you probably are very lucky, or you aren’t looking closely enough,” said Amit Yoran, former director with the U.S Department of Homeland Security’s National Cyber Security Division.
Having real-time knowledge and awareness of the threats that may be attacking the corporate network is essential to protecting enterprise users, said Sally Hudson, research director for security products at Framingham, Mass.-based research firm IDC Ltd.
“Many enterprise IT professionals accept ‘good enough security,’” said Hudson. “However sophisticated (the security defenses), targetable malware technology makes it difficult for security controls to defend the enterprise from organization criminal threats.”
Follow Kathleen Lau on Twitter: @KathleenLau
With files from Jaikumar Vijayan, Computerworld U.S.