Cybercriminals are collecting information for individuals in all types of businesses as a way of penetrating their IT networks, according to Uri Rivner, head of new technologies, identity protection and verification at RSA.
"Criminals are no longer targeting well-defended networks directly, but are going after people in organizations to steal their login credentials to get inside," he said.
The attacks on Google and about 30 other US companies in late 2009 marked a shift from random, general attacks to targeted attacks, focusing on individuals, he told Computer Weekly.
There is a definite focus on using social engineering to infect employees' machines and then steal credentials as soon as they connect to corporate systems, and organizations need to take that into account, said Rivner.
"Unlike IT systems, users cannot be patched and will always be vulnerable to manipulation and infection," he said.
Businesses need to develop a new approach to defense that does not rely solely on traditional security technologies that typically defend the network. "Enterprises need to understand they need a more intelligent way of defending corporate information," said Rivner.
Behavior analysis, intelligence on how cybercriminals operate, and threat information sharing networks should be part of any enterprise defenses, he added.
"Financial institutions have invested heavily in such systems and reaped the benefits, and I am optimistic other enterprises will do likewise," Rivner conitnued.
In the future, businesses from all sectors will start putting more comprehensive defenses together in more intelligent ways and share threat information, he said.
According to River, only by adopting this approach will businesses be able to stay ahead of criminals who are gathering information from an increasingly wide variety of sources to target individuals within organizations to penetrate their IT systems.
This story was first published by Computer Weekly