Sponsor: Palo Alto Networks

Today’s sophisticated cyberattacks are designed to inflict maximum damage to an organization’s systems and networks, steal sensitive information (such as personal or financial data), and take control of or otherwise render an organization’s systems and networks unusable. Cyberattacks begin by infecting a system on a target network — either by causing users in the organization to unwittingly run malicious code on their servers, desktop and laptop computers, or tablets or by exploiting a vulnerability in a legitimate system or application in order to run malicious code.

Advanced threats have changed the world of enterprise security and how organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before. Controlling these threats requires multiple security disciplines working together in context. Although no single solution will solve the problem of advanced threats on its own, next‐generation cybersecurity provides the unique visibility and control of, and the true integration of, threat‐prevention disciplines needed to find and stop these threats — both known and unknown.

Cyberkriminelle verbessern ständig ihre Bedrohungstaktiken, um effizienter in Organisationen einzudringen und wertvolle Daten zu stehlen. Die Entwicklung der Cyberkriminalität geht mit verbesserten Hackingtools und -techniken einher, die eingesetzt werden, um bekannte Sicherheitsmechanismen auszuhebeln. In den letzten Jahren waren fortschrittlichere, zielgerichtetere Angriffe zu beobachten, bei denen Hacker beträchtliche Zeit mit dem Untersuchen des Ziels und dem Anpassen der Bedrohung verbracht haben.

Les cybercriminels renouvellent constamment leurs tactiques pour percer la sécurité des entreprises et dérober leurs précieuses données. Avec l'évolution du cybercrime, les outils et mécanismes de piratage employés pour déjouer les dispositifs de sécurité connus sont sans cesse plus innovants. Au cours des dernières années, de nouvelles attaques ont vu le jour, plus évoluées et ciblées qu'avant. Pour les élaborer, les pirates informatiques étudient désormais longuement leur cible et peaufinent leurs menaces en conséquence.

Cyberprzestępcy nieustannie opracowują nowe sposoby skuteczniejszego łamania zabezpieczeń oraz zdobywania wartościowych danych. Wraz z rozwojem przestępczości internetowej pojawiają się innowacyjne narzędzia i techniki pozwalające na obejście aktualnie stosowanych mechanizmów zabezpieczeń. W ostatnich latach dochodziło do bardziej zaawansowanych, precyzyjnie ukierunkowanych ataków hakerskich, których sprawcy poświęcali wiele czasu na rozpoznanie celu i opracowanie odpowiedniej metody ataku.

The Forrester Zero Trust Model (Zero Trust) of information security advocates a “never trust, always verify” philosophy in protecting information resources. Though the model has traditionally been applied to network communications, it is clear that today’s cyber threats warrant a new approach in which the Zero Trust model is extended to endpoints. Palo Alto Networks® Traps™ Advanced Endpoint Protection is an innovative endpoint protection technology that prevents exploits and malicious executables, both known and unknown. It has the proven capacity to act as the enforcer for Zero Trust and to serve as a vital component of an enterprise’s security architecture and compliance suite on the endpoint.

Operation Lotus Blossom describes a persistent cyber espionage campaign against government and military organizations in Southeast Asia, stretching back over three years. Nations we have identified as targeted in this campaign include Hong Kong, Taiwan, Vietnam, the Philippines and Indonesia. The Lotus Blossom group deploys a backdoor Trojan, named Elise, after the sports car made by Group Lotus PLC of the United Kingdom.

It is essential that information security practitioners, from management and governance to enablement and execution, stay up to date on the trends, distribution patterns and risks presented by the ever-evolving threat landscape.

No organization today is immune to cybercrime. Cyber criminals are ramping up activity across the globe and utilizing new methods to evade traditional security measures. An effective network security solution must not only prevent known threats from entering and damaging the network, but also leverage global threat intelligence to protect the network from unknown threats. Traditional detection-focused solutions typically focus on a single threat vector across a specific section of the network, leaving multiple areas vulnerable to attack. In addition, these legacy solutions are made up of a “patchwork” of point products that make it very difficult to coordinate and share intelligence among the various devices. By employing the Palo Alto Networks® Threat Intelligence Cloud, businesses can reduce their attack surface, block all known threats, and leverage the global threat community to detect unknown threats and convert them into known, stoppable threats.

Cybercrime is big business. By many estimates, cybercrime is now a US$1 trillion dollar industry. Every organization with digital assets is vulnerable to attack and the growing sophistication of cyber criminals and their evolving tactics only increases the chance of a security breach involving the theft of sensitive data. Effective cyber defense must withstand changes to adversaries’ tactics and tools that traditional, non-integrated “best of breed” approaches cannot address. It must also protect against advanced known threats, as well as unknown threats, which can be challenging to address with legacy solutions. The Enterprise Security Platform from Palo Alto Networks® is a modern approach to providing new defense and resilience in detecting and preventing attacks at every stage of the Cyber Attack Lifecycle.