5 Flame Security Lessons For SMBs

  /     /     /  
Publicated : 22/11/2024   Category : security


5 Flame Security Lessons For SMBs


Flame malware case offers small and midsize businesses (SMBs) a valuable refresher course in security.



Who Is Anonymous: 10 Key Facts (click image for larger view and for slideshow)
Flame, also known as Flamer, Skywiper (sKyWIper), and Wiper, wasnt created with SMBs in mind, but it can still teach them a thing or five about IT security.
These sorts of things provide us with teachable moments because they are high-profile, said Kevin Haley, director of Symantec Security Response, in an interview. They grab peoples attention, and they may listen for a little bit.
Flame is a highly sophisticated espionage tool that appears to have been used to spy on various governments in the Middle East. Haley points out that, at its core, its simply a piece of malware--one with fundamental goals that dont differ all that much from the kinds of threats that do directly affect SMBs, such as
banking Trojans
. It will attempt to steal information, capture screen shots, steal documents from a machine, he said. There are thousands of pieces of malware that do that, and theyre not all directed just at certain countries; theyre directed at all of us.
[ What is Flame? Read
Flame FAQ: 11 Facts About Complex Malware
. ]
About that teachable moment: Here are five security reminders SMBs should take away from the Flame case as it
continues to unfold
.
1) No security plan is foolproof.
Comforting, isnt it? But its true--there is no such thing as 100% secure, and Ive yet to an encounter a security pro that would argue otherwise. (Some governments in the Middle East would likely agree now, too.) Thats not an excuse to do nothing. When online crooks target SMBs, either via targeted attacks or indiscriminate malware, they usually do so for two reasons: SMBs have more money than the average individual, and they have less security in place than large enterprises. That can make them easy, profitable targets. The SMBs job: dont be an easy mark. Practice
good basic security
at bare minimum. If time and
money
are key challenges, consider a
risk-management approach
--more on that below in number five.
2) You might not know it if youre infected.
Flames just now
coming to light
, but it has existed since 2010--and possibly as far back as 2007. Even if youve got strong security controls in place, you might not necessarily know if youve been infected by malware or other means. Most malware is written to be very stealth and not let you know that its on the machine, so what Flame does is very typical, Haley said. Robust, current security technology is a good first step toward minimizing the chance of undetected breaches--the straightforward anti-virus programs of yore arent likely to cut it. Haley also advises SMBs take steps to eliminate spam in their corporate email accounts; the bane of inboxes continues to be a favorite delivery method for malware makers. Expect social media to continue to grow as a malware vector, too. Haley thinks SMBs need to be thinking about social risk and actively monitoring their accounts for unusual activity.
3) Attacks are increasingly sophisticated.
The
complexity
of todays security threats almost make you long for the good old days of the
Wazzu virus
. Flame appears to have reset the bar. For SMBs, its a reminder that a set-it-and-forget security plan is a recipe for failure. What worked in 2010 probably wont pass muster in 2012. You really need to review everything [periodically], Haley said. Thats important even if you outsource security to a consultant or other vendor. If time is an issue, an annual review is better than none at all. Depending on how much a particular company invests in security--or doesnt--it might want to consider more frequent checks on its technologies and processes to ensure its keeping up with the times.
4) Reputation harm can be expensive.
The fallout from the Flame revelation is just getting started, but its safe to say this is a public embarrassment for the affected governments. For SMBs, its a reminder that security breaches dont necessarily need to hit your bank account to be costly. A website that gets co-opted into a malware host, for example--theyre at an all-time high, according Symantecs most recent annual security report--could have a difficult time earning back the trust of its customers and other visitors. Likewise, data theft can be both embarrassing and expensive.
Its bad enough if you get your money or your customer list or some sort of intellectual property stolen, Haley said. But also the damage of the publicity from it could be really crippling to a business. Some people may be reluctant to do business with you if they think that you cant keep your information secure.
5) Prioritize your most important assets.
A sound strategy for some SMBs is simply to not try to protect everything. Rather, identify your most valuable assets--banking credentials and other financial information, customer databases, and intellectual property, to name a few examples--and focus your efforts there. That can help resource-strapped organizations minimize their vulnerabilities in a practical manner rather than waving a white flag of surrender.
Thats the issue: Businesses just dont think about it. They go: Ah, theres nothing anyone would want to steal from me and thats the end of it, Haley said. Its really worth investing the time to just sit down and [ask]: What are my risks and what do I really need to prioritize and protect? And if you cant do it yourself, get someone to help.
Employees and their browsers might be the weak link in your security plan. The new, all-digital
Endpoint Insecurity
Dark Reading supplement shows how to strengthen them. (Free registration required.)

Last News

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
5 Flame Security Lessons For SMBs