Global security software leader Trend Micro Incorporated (TYO: 4704; TSE: 4704) is raising the alarm about backdoors, the primary tool for stealing data that attackers use to go deeper into the target network without being detected.
Although the motivation behind targeted attack campaigns may vary, threat actors continue to go after the “crown jewels” or confidential company data of enterprises.
Based on the recent Harvard Business Review study, “Aggressive and Persistent: Using Frameworks to Defend Against Cyber Attacks”, there are four types of data commonly stolen in targeted attacks: personally identifiable information (PII) (28%), authentication credentials (21%), intellectual property (20%), and other sensitive corporate/organizational data (16%).
The Crucial Role of Backdoors in Targeted Attacks
Before getting to the crown jewels, though, attackers need to gather a whole lot of other information about their target in order to infiltrate the network without being detected.
This may involve gathering publicly available information about the target, as well as information about the target’s network infrastructure. The latter is often done with the use of malware, such as remote access tools or backdoors. Threat actors often employ a wide-array of backdoor techniques to evade detection.
Based on Trend Micro’s previous investigation, many targeted attacks reflected that various tactics are used by backdoors to carry out their routines while remaining undetected by network administrators and security software products. Additionally, these techniques have evolved overtime as IT admins started to employ more sophisticated network defenses.
IT Admins Must “Beef Up” Network Security Against Backdoors
IT or system admins are naturally cautious about their network’s safety. IT professionals are expected to protect their network, with firewalls, secure all mobile stations, and deploy security software across all platforms.
Because data breach, malware, and other forms of cyber-attacks continuously threaten company networks, it is very important to secure its environment with the right protection. However, slippery backdoors still manage to slip through the radar due to exploited vulnerabilities within the network.
Before sensitive data is spied on and stolen, IT admins must beef up their network security against backdoor techniques used in targeted attacks by following Trend Micro’s recommendations for best practices and solution technologies. These include firewall, network patterns, and anti-malware solutions. IT admins also need to watch out for potential vulnerabilities and stay aware and updated on security.