Kaspersky Lab cybersecurity firm is hacked - comment from Fujitsu
June 2015 by Fujitsu
Bryan Campbell Lead Threat Intelligence Analyst at Fujitsu UK & I :
“The buzzword ‘ advanced’, is routinely used as a term to describe an attack which undermines the current technologies and methodologies used to defend against traditional cyber-attacks.”
“For Kaspersky and the other victims of Duqu 2.0, the threat posed by criminals wishing to attack companies through older techniques - such as Phishing emails - shows that the persistence of an adversary is only matched by the quality of the defences protecting a company against it. This instance of Kaspersky – a company built on the security principles developed for Security software – proves that all companies are equally vulnerable to being exploited by cyber criminals. Cyber-espionage combined with Zero day attacks highlights the need for better user education around the age old risk of threats such as Phishing.
“What companies needs to realise if that the simplest form of defence is often the most affective in relation to cost. User education should form the basis of vulnerability programmes and security assessments should include the ability to score users ability to identify a threat. In Kaspersky’s case, a company whose business is to secure user & business assets, the open disclosure of the attack is refreshing. It proves the difficulty all enterprise companies face in relation to advanced attacks, and subsequent root cause analysis.”