On Wednesday, the seemingly unthinkable happened: Moscow’s Kaspersky Lab, one of the leading cybersecurity companies in the world, revealed that its network was breached just a few months ago by a sophisticated malware platform.
According to a statement released by Kaspersky, the platform, Duqu 2.0, gained backdoor entry into the Kaspersky network by exploiting the system’s zero-day vulnerabilities, which are well-known security weaknesses. Over an unspecified duration of time, the malware spread through the network using MSI database files.
Of note is the fact that the attack was not aimed at stealing Kaspersky’s customer data, and instead focused on monitoring the lab’s internal processes. Since Kaspersky is an expert in preventing advanced persistent attacks (APT), the hackers were looking for ways of thwarting the detection software in order to be more effective.
As Kaspersky explained, the hackers went to great measures to avoid detection; for instance, they did not modify or create any disk files or even interrupt any system settings.
“The philosophy and way of thinking of the ‘Duqu 2.0’ group is a generation ahead of anything seen in the APT world,” the statement reads.
Why should this cyberattack have you worried? If Kaspersky, one of the most advanced and protected networks in the world, can be breached, an invasive intrusion can most certainly happen to your business too.
Many business leaders, however, still operate under the assumption that their networks would fly under the radar of such cyberthieves. The reality, conversely, is that cybercriminals regularly exploit businesses of all types and sizes. An attack could happen at any time and, when it does, you may not even be aware that your network is infected. Malware can take several years to be discovered and eradicated.
It’s for this reason that you need to take appropriate measures to ensure that your network is up to date with the latest software patches. Cybersecurity in today’s hostile Internet environment requires the constant vigilance of a team of expert IT professionals. Anything less than constant supervision could result in falling behind and leaving your network wide open to hackers.
Click here to learn how Apex Technology Services of Norwalk, Connecticut, can help your business stay safe online with its network monitoring program.