Following an onslaught year of massive breaches, 2016 promises to usher in more of the same, but with each breach there was a lesson to be learned, according to a Trend Micro report.That's the sobering prediction from Trend Micro, which summed up 2015 as “a roller coaster ride” that saw attackers infiltrate successfully even U.S. government databases, such as the Office of Personnel Management, as well as major corporate targets like J.P. Morgan, health insurance firm Anthem and prison tech company Securus.
“What can we learn from these incidents?” Trend Micro asks rhetorically, so the industry is better prepared for 2016. “Well, it is clear that government systems need to be better protected against targeted attacks.”
Regarding lessons learned from 2015, Trend Micro said it behooves both public and private sector organizations need to make protecting themselves against the growing threat of targeted attacks a priority.
The dark net has proven to be well adept at launching fairly sophisticated cyber intrusions that fly under the radar of traditional security defenses, the post noted.
Trend Micro suggested organizations implement the following remedial measures:
• Advanced sandboxing capabilities to detect malware in spear phishing emails
• File integrity monitoring and log inspection to improve situational awareness of unusual network behavior and lateral movements
• Intrusion detection/prevention to shield unpatched vulnerabilities
The company marveled at the “sheer diversity” of types of the bad actors behind the threats from “nation states to financially motivated cybercriminal gangs to hacktivists and belligerent insiders.”