Threat Manager Claims 100% Flaws in Cyber Security
Lookingglass Cyber Solutions, a cyber-threat intelligence management company, has claimed that in a 35-day survey of global financial services companies and their third-party vendors, the company found that 100% of the networks it investigated showed signs of compromise or had obvious risks.
“Every week, we are hearing about a new organization reporting a major data theft, but what they aren’t talking about is exactly how perpetrators are getting in. This study highlights a weakness that the industry has been very hesitant to talk about in public – the fact that trusted third parties should not and cannot be truly trusted,” said Chris Coleman, CEO of Arlington, Va.-based Lookingglass in a prepared statement.
“Global organizations such as financial institutions, as well as retailers and critical infrastructure organizations, must look beyond their own defensive perimeters and consider monitoring their public Internet presence to better understand their attack surface. Gaining insight into third parties is crucial to mitigating risk within the supply chain,” Coleman said.
“Financial services companies have to monitor their vendors continuously,” he added in an interview with Credit Union Times.
Coleman elaborated that Lookingglass found serious issues with some vendors, including the presence of rogue botnets as well as the Zeus Trojan horse malware.
According to Lookingglass, “a full 25%” of the third-party vendors sampled showed evidence of Zeus infections.
“A lot of these findings were disappointing,” said Coleman.
He added that the cause, in many cases, seemed to be “a lack of routine maintenance, along with use of old machines that had not gotten security updates.”