Cybercriminals are finding new methods to compromise corporate and government networks, and are increasingly spending more time doing reconnaissance without being detected. These longer-lasting operations are difficult to prevent with many corporations focusing on perimeter-based cybersecurity defense, not considering the idea that criminals may already be inside.
Companies such as Sony Pictures, Home Depot, Target and other major corporations are first breached using spear-phishing attacks or stolen third-party user login credentials - and the problems only get worse from there. Cybersecurity experts recommend creating protocols so companies are able to identify who is accessing data, from where, and how they are interacting with the accessed data. If a cybersecurity audit is completed, then following through with recommended improvements should also be carried out as quickly as possible.
"We are beginning to realize in some cases that the situation is far worse than we realized," said Stephen Hulquist, chief evangelist at RedSeal Networks, in a statement published by Dark Reading. "In some cases attackers have been inside networks for months and even years without being discovered."