Patco still uses antivirus, but as Patterson puts it: "I think an AV is worth the investment," he says. Now, two years later, he's taken an inexpensive step that every small business should take to prevent his company from becoming victim to this type of fraud: He's told his bank give him a call before it authorizes any big money transfers. Patterson said his company, Patco, had "good AV" at the time of the attack, but nevertheless it missed the password-stealing Trojan. (Patterson sued last year, a court sided with the bank, but the case is being appealed.) To make matters worse, Patterson's bank, Ocean Bank, says he's responsible for the theft. Some of that cash was recovered, but at the end of the day, about $345,000 went overseas and is gone forever. Over the next eight days, the criminals moved more than half a million dollars out of his account. That's when hackers managed to install a variant of the widely used Zeus Trojan horse program on his construction company's computers and steal the username and password to his corporate bank account. Mark Patterson learned that lesson the hard way back in 2009. "You need to attack the system that they have developed to take advantage of your flaws," he says. "My biggest concern right now and one of the things we're focusing on is information sharing." That means figuring out from his peers what attacks are really happening, and working out ways to stop them.ĭan Guido describes it as going "offensive on security." Figure out who is likely to attack you - hacktivists, online banking thieves, so-called advanced persistent threat groups - and make sure that you can stop the known attacks that these people use. "We need to be smart, we need to be more agile," says Motorola's Carugati. "Not to have malware protection would be foolish," he says.īut spending money on learning how attackers are working, and changing your business to thwart common attack techniques may be a better investment. According to him, the antivirus vendors have been doing a good job lately of beefing up their products and delivering new features beyond basic malware protection adding new features to encrypt files on disk and prevent data from leaking out. Gartner Analyst Ruggero Contu doesn't quite buy the argument that companies are spending too much money on antivirus. Biggest of all, though, is the $6.5 billion firewall market. Consumers will spend even more - nearly $5 billion - on antivirus this year. Research firm Gartner pegs the corporate desktop security software market at $3.4 billion worldwide. I think we overspend on firewalls and antivirus."Ĭorporations do spend a lot of money on antivirus and firewalls. "I think we overspend on the wrong security products," he says. "Do your own log analysis because that is what's going to catch the problems." "Save that money," says Andy Ellis, Chief Security Officer with Akamai, a company that helps websites deliver content on the internet. Much of the money they're spending is better spent somewhere else, such as analyzing the mountains of data logged by software on computer networks for signs of attack. But according to some, businesses should probably spend less on antivirus and other security software.
0 Comments
Leave a Reply. |