Fujitsu Warns that European Companies are too Slack in Preventing Cybercrime
- Cybersecurity threat list for 2017 from Fujitsu Security Operations Center highlights critical enterprise vulnerabilities
- Unprotected channels into critical systems, banking and smart cities among the most likely targets for cybercriminals this year
- Artificial Intelligence likely to be game changing for cybersecurity and cybercriminals alike
- Greatest risk remains poor IT processes, which will continue to cause avoidable breaches
Based on real-world intelligence in monitoring ongoing security threats, Fujitsu has identified that the most significant cyber threat - the failure to keep up with basic IT security processes - is also the easiest to remedy. Fujitsu security researchers believe that lax security will continue to lead to easily avoidable breaches, noting: “An amazing number of businesses don’t carry out the simple – yet vital – housekeeping tasks that cut down on risks.”
According to the report, immediate measures that all businesses can take to better protect themselves include more effective vulnerability patching, and ensuring that only current users have access to critical systems. What’s more, many organizations are too generous when it comes to system access privileges for regular users. As a consequence, Fujitsu says that companies are “needlessly vulnerable to data loss, data theft or external disruption of their systems”.
One particular weakness identified by the Fujitsu security experts relates to encrypted channels that provide external access to the heart of critical computing systems. These are designed to give remote workers easier access to networks, but when taken over by a cybercriminal, can mean that nefarious activities are largely undetectable. This is due to what Fujitsu describes as “a blind spot, with attacks over encrypted channels being missed due to the lack of SSL inspection capabilities”.
Companies should also be more vigilant in managing banking applications, another hot favorite for criminals. Fujitsu predicts that 2017 will see more attacks to banking payment systems, and expects further growth in banking Trojans targeting older, more vulnerable back office applications. Although international banking networks are moving to establish mandatory controls, Fujitsu states that it “still presents a window of opportunity for cybercriminals”.
Smart cities will also find themselves targeted – with Fujitsu security experts commenting that “many of the protocols designed for smart connected devices have their own potential flaws and vulnerabilities”. Implications could include allowing hackers to disable smart lighting grids in entire cities, Fujitsu warns.
The state-of-the-art Fujitsu Security Operations Center (SOC) – which protects customers by detecting, analyzing and neutralizing threats – also foresees that the increased use of Artificial Intelligence (AI) and machine learning capabilities will become game changers in enterprise security. AI can immediately identify anomalies, for example in web traffic patterns. Such early warning systems allow security professionals to take a proactive approach to risk mitigation, aiming to eliminate threats before they become problems. However, the report cautions that cybercriminals will also be turning to these technologies to launch previously unseen types of attack.
Rob Norris, VP and Head of Enterprise Cybersecurity at Fujitsu in EMEIA, comments: “Every move to tightening up cybersecurity means an exponential decrease in vulnerability. Many organizations have not yet fully realized that when you depend on computing to run your business, then being offline essentially means being out of business. It’s not only financial risk but also the cost of damage to your reputation from data loss and theft. Our new report highlights some easy steps that any organization can take to ensure they are not needlessly exposed to data loss, data theft or external disruption of their systems.”
Notes to editors
Fujitsu is the leading Japanese information and communication technology (ICT) company offering a full range of technology products, solutions and services. Approximately 156,000 Fujitsu people support customers in more than 100 countries. We use our experience and the power of ICT to shape the future of society with our customers. Fujitsu Limited (TSE: 6702) reported consolidated revenues of 4.7 trillion yen (US$41 billion) for the fiscal year ended March 31, 2016. For more information, please see http://www.fujitsu.com.
About Fujitsu EMEIA
Fujitsu promotes a Human Centric Intelligent Society, in which innovation is driven by the integration of people, information and infrastructure. In the Europe, Middle East, Africa and India region (EMEIA), our 28,000-strong workforce is committed to Digital Co-creation, blending business expertise with digital technology and creating new value with ecosystem partners and customers. We enable our customers to digitally transform with connected technology services, focused on Artificial Intelligence, the Internet of Things, and Cloud - all underpinned by Cyber Security. For more information, please visit http://www.fujitsu.com/fts/about/
All other company or product names mentioned herein are trademarks or registered trademarks of their respective owners. Information provided in this press release is accurate at time of publication and is subject to change without advance notice.
Date: 16 февраля, 2017