Pedro Uria: “The problem for information security will not be malware, but hackers”
Only a few weeks are left before the European summit on information security. The Panda Security Summit ( PASS2018 ) will be held in Madrid on May 18, a landmark event for IT directors and security service managers.
At the summit, experts from companies such as Gartner or Deloitte will present their prospects and analysis of the global panorama in the field of information security, as well as talk about trends in the development of protection and threats. Summit participants will also be able to see the results of the PandaLabs antivirus lab, which coordinates various information security techniques. We decided to talk with Pedro Uria, the director of the PandaLabs laboratory, in order to first learn the main points of his speech at the summit, where he will explain how enterprises should provide their protection, security and stability in an era when the main problem is no longer related to malware.
PANDA SECURITY (PS): What is the most serious challenge facing organizations and enterprises in terms of computer security today?
PEDRO URIA (P.U.) : The biggest problem is to make them understand that the security of IT assets is a critical task and that they are constantly at risk of attack. According to INCIBE, Spain witnessed a record number of cyber attacks in 2017 with more than 120,000 incidents. Over the past two years, growth has been 140%. The forecast comes down to the fact that in 2018 these numbers will grow, and attacks will become more and more complex.
PS : What conclusions should we draw from security incidents resulting from vulnerabilities, as was the case with Equifax ?
P.U.: No organization is completely safe from cyber criminals. Using vulnerabilities to infiltrate corporate systems is a common technique. The case you mentioned is the largest data leak of all known. Hackers stole data from 147.9 million Americans.
Zero-day vulnerabilities are sold on the Deep Web, and they are a highly successful vector of covert attacks for criminal organizations. For example, Microsoft has just released an urgent patch for this type of critical vulnerability in Windows Defender antivirus for Windows 10. As you can see, even organizations like Microsoft are not completely safe in such critical incidents.
PS: Non-malware attacks and file-free attacks are new trends. How can organizations and government agencies deal with them?
P.U. : The problem for the future of information security lies not in malware, but in hackers. They are experts, highly qualified cyber criminals with the required resources, able to break into systems in enterprises and organizations, while remaining undetected, because they do not use malware or files.
To combat them, companies need to protect each of their IT systems with modern solutions with advanced information security features that are capable of real-time continuous monitoring of everything that happens on each computer. They should also be able to determine whether all these processes are legitimate, even if they are executed by legitimate and reliable applications and without the participation of malware.
PS : How can we achieve resilience to malware attempts to evade scans from security solutions?
P.U.: In order to achieve cyber resilience, all of the organization’s IT resources must be protected using modern solutions with advanced information security features that can detect attacks, prevent them and eliminate their consequences. Similarly, the solution should monitor in real time all the processes and actions that the user performs locally on a physical computer. This requires monitoring, control and classification of all processes and activities by specialized expert groups, like the PandaLabs laboratory team.
It is also extremely important to train managers, employees and contractors of enterprises so that they are not deceived and do not become involuntary participants in attacks.
PS: We are talking about security, protection and resilience, while malware itself is no longer the most important problem. And yet: have we already achieved such a high level of protection, or are malware still the main concern for companies?
P.U. : It largely depends on how mature the company is, how much importance it attaches to information security, and also on what modern information security solutions it uses to protect its infrastructure.
For Panda Security, malware is no longer a major concern due to the high visibility that we have with our Panda Adaptive Defense solution.with advanced security features, as well as our classification model for all processes occurring on the end devices that we monitor. Thanks to this, we can anticipate attacks and protect the systems of companies that trust us.
Similarly, the Threat Hunting service, which is provided to customers through the Panda Adaptive Defense platform , is focused on detecting new threats, including file-free attacks as well as attacks that do not use malicious programs.
For other companies, malware itself continues to be a huge problem. Every day there are more and more malware, the number of incidents is growing. The trend of 2018 is an increase in the number of incidents and an increase in the complexity of attacks.
Want to see real cases of the disclosure of attacks and the hackers behind them by PandaLabs? Don’t miss Pedro Uriah’s performance at PASS2018!
Register for PASS2018