The magnitude of security threats continues to reach unprecedented levels. As an example, according to multiple reports, ransomware grew by a whopping 2,500 per cent from last year.
Security vendors such as Kaspersky Lab have taken the approach to develop a line of products that adapt to the new threats in the marketplace on an on-going basis.
Since most small to mid-size businesses are on a digital transformation path, protecting data has become a high priority as data provides a new competitive advantage to business.
The company’s line of endpoint products features two offerings specific for business: Kaspersky Endpoint Security for Business Advanced and Kaspersky Endpoint Security for Business Select.
Kaspersky Lab’s endpoint security strategy goes further than just protecting endpoint devices.
Rob Cataldo, the Vice President of Enterprise Sales for Kaspersky Lab North America said, in a previous interview on EChannelNews, the lines between hackers are blurring. He said, most of the targeted attacks are nation state-sponsored efforts; this only amounts to just 0.1 per cent of advanced attacks, while 9.9 per cent fall into the criminal category. But those too are highly organized efforts. These two groups are coming together now often making the enterprise more susceptible to advanced threats.
“For the rest of the 90 per cent of attacks; endpoint security is great for prevention or blocking of threats. However, large enterprises have more complicated infrastructures to manage. And, making things more complex is that fact that most of these organizations are on or have started their digital transformation journeys,” he said.
Kaspersky Lab’s line of Endpoint Security starts with a threat intelligence engine with granular controls to provide anti-ransomware solutions.
The company also provides endpoint detection and response (EDR) through a team of experts actively hunting for bad guys with 24 by 7 monitoring and incident response service.
In addition, with the new European General Data Protection Regulation (GDPR) providing a new data protection framework for personal data, Kaspersky Lab has GDPR compliance through its line of endpoint security products.
The company also has a human layer of protection with its own team of 40+ global security experts who scope the planet for the next sophisticated threat.
Recently the Kaspersky Lab Global Research and Analysis Team (GREAT) uncovered an advanced cyber-operation code-named Dark Tequila. The researcher’s found out that Dark Tequila was targeting people in Mexico and stole banking credentials, personal and corporate data through a malware attack that had the ability to move laterally through the victim’s computer when it was offline.
Dark Tequila code was clever to evade detection through multi-stage payloads. Kaspersky Lab techs discovered that the malicious code could spread through infected USB devices and spear-phishing emails.
The GReAT team also found out that Dark Tequila has been in operation since 2013. Through analysis, the team believes that the threat actor behind Dark Tequila is from Latin America because of the use of Spanish-language words in the code and evidence of local knowledge.
Cataldo said this is one of the challenges with the market going through digital transformation journeys. Security teams, he said, are being blanketed with millions of threats and then the challenge becomes finding all the anomalies without seeing the essential symptoms of the attacks.
Kaspersky Lab’s Endpoint security portfolio detects and blocks threats such as Dark Tequila. The company has posted suggestions for business users to protect themselves from spear-phishing and attacks through removable media such as USBs. They are:
- If they are not required for business, block the USB ports on user devices;
- Manage the use of USB devices – define which USB devices can be used, by whom and for what;
- Educate employees on safe USB practices, particularly if they are moving the device between a home computer and a work device; and
- Don’t leave USBs lying around or on display.
Kaspersky Lab also provided advice for non-business users:
- Check any email attachments with anti-virus security before opening;
- Disable auto-run from USB devices;
- Check USB drives with anti-virus security before opening;
- Don’t connect unknown devices and USB sticks to a device; and
- Use a security solution with additional robust protection against financial threats.