November 15, 2014
Malicious code is still among the main mechanisms for theft of corporate information. In its trend report this year, ESET Latin America emphasized that the first aspect in the evolution of computer threats is related to the increase in the exploitation of vulnerabilities in Java, a multiplatform technology that has the ability to add new functionalities and is broad use in companies, two attractive features for cybercriminals.
Lack of knowledge of basic techniques for safeguarding information and misuse of computer protection tools by staff increase the vulnerability of companies. The effectiveness of the attacks carried out through Java is due to the fact that cybercriminals host malicious applications on web pages regularly visited by employees and after visiting the compromised site, the infection becomes concrete and affects the computer.
According to Renato de Gouevia, ESET Venezuela marketing manager, another form of common cyber attack is of the ransomware type. “This methodology is being consolidated in Latin America and consists of a malicious code that fulfills the objective of erasing or encrypting information, and then charging for the theft carried out,” said the specialist.
Providing good protection against cybercriminals is a complex task, in which any deficiency represents a risk for the company. For this reason, the ESET representative offered the following recommendations: “It is necessary to implement basic security technology solutions such as antivirus, firewall, antispam and original double authentication systems. It is also essential to back up the most important information on a regular basis and to have data encryption solutions for sensitive information and mobile equipment ”.
Additionally, the expert highlighted the importance of promoting educational and awareness-raising activities aimed at employees, in order to generate adequate criteria in the face of existing threats and establish the best practices in risk situations. “Let us remember that users are the weakest link in the cyber security chain, where many of the attackers today take advantage of the employee to have company information,” he concluded.
[+] Videos de nuestro canal de YouTube