COMPANIES NEED TO PULL UP THEIR SOCKS TO COMBAT CYBERATTACKS

Cyber-attacks are rapidly increasing across nations and organizations that

oversee sensitive information remain woefully unprepared to fend off
increasingly clever and sophisticated cyber-attacks New study has shown

The cyber crime statistics illustrate some of the general trends

in the field of hi-tech crimes. Marked increases in cyber crime
statistics result in an increasing need for professionals capable
of responding to and investigating cyber crimes, and
conducting computer forensic examinations of evidence in
these cases.

Silicon Valley security software firm FireEye Inc. issued a report on Tuesday 24th Feb 2015
showing the trend of cyber-attacks. The report came when experts across nations vows to extend
the struggle to fight cybercrimes.
Data breach victims took a median of 205 days almost seven months to realize they had had
been hit, giving attackers a free rein in breached environments far too long before being detected,
the report said, while run-of-the-mill cyber criminals out to steal credit-card data are becoming
harder to distinguish from state-sponsored attackers due to advanced camouflaging tools and
tactics.

Despite increasing awareness of cyberthreats and investments to protect sensitive data, including
personal customer information and corporate secrets, corporations appear to be falling behind in
their efforts to counter hackers. Many companies are better prepared for fires, floods and ice storms
than data breaches, which are more likely, and likelier to have a more significant business impact
than other emergencies, said John Proctor, vice-president of global cybersecurity with Montreal
information technology services firm CGI Group Inc.

YUSUPH KILEO CYBERSECURITY AND DIGITAL FORENSICS EXPERT

TIP: Nearly 70 per cent of those hit by data breaches in 2014 found out
about the infractions from outsiders such as police or customers

At the same time, corporations increasingly realize there is little they can do to stop data raiders
from penetrating their firewalls and getting past their anti-virus software. Leading cybersecurity
providers are more focused on containing malicious software programs that have already entered
corporate servers and constantly monitoring networks to prevent the invaders from uploading data
to anonymous cybercriminals located around the world.

49% of global CEO are concerned about CYBERTHREATS to their

organisation
53% are concerned about the effect of bribery and corruption on
their bussiness.
43% are concerned about inability to protect intellectual property
Data from PwC's 17th Annual Global CEO Survey

Catherine Beagan Flood, a litigation partner with Blake, Cassels & Graydon LLP in Toronto
specializing in privacy and cybersecurity issues, said cyberthreats are becoming a high-priority
issue for senior Canadian executives, though she added, I think at the moment [they have] almost
a sense of resignation that this is what the world is like now and with the recognition that sooner
or later it will happen to their company.

YUSUPH KILEO CYBERSECURITY AND DIGITAL FORENSICS EXPERT

TIP: Almost every hack attack investigated by FireEye subsidiary

Mendicant was found to contain the same security gap: that employees
required only a user name and password to remotely access corporate severs
and not an extra authentication tool, such as random code sent to a
secondary device like a smartphones, biometric, tokens etc. that can give
added protection.

Last year, high-profile hack attacks on Home Depot, JPMorgan and Sony Pictures, among others,
compromised tens of millions of customer accounts and led to the leak of confidential information,
such as credit-card data and embarrassing internal e-mails.

According to cybersecurity firm Risk Based Security, five of the biggest 10 hacks ever happened
in 2014, while 1.1 billion records were compromised in 3,014 data breach incidents around the
world, up from the previous record of 822 million exposed records in 2013. At least, thats the
amount of known breaches; experts say that data breaches remain underreported, and legislation
now before the Canadian Parliament would make data-breach reporting mandatory.

TIP: Many organizations are vulnerable to mistakes by their own people.

More than three quarters of phishing e-mails messages meant to weakest
recipients into sharing passwords and log in information to access protected
servers came from hackers impersonating the companys information
technology (IT) department or suppliers of anti-virus software in 2014,
almost double the level of the previous year.

IT professionals are also falling short in how they build protective layers around their stores of
data. In some cases, even minor configuration mistakes in the systems architecture can leave
gaps allowing hackers to enter and roam freely around their systems.

YUSUPH KILEO CYBERSECURITY AND DIGITAL FORENSICS EXPERT