Pedro Uria: "The problem for information security will not be malware, but hackers"

Only a few weeks left before the European Information Security Summit. The Panda Security Summit ( PASS2018 ) summit will take place in Madrid on May 18 - a landmark event for IT directors and information security managers.

At the summit, experts from companies such as Gartner or Deloitte will present their perspectives and analysis of the global panorama in the field of information security, as well as talk about trends in the development of protection and threats. Summit participants will also be able to see the results of the PandaLabs antivirus lab, which coordinates various information security techniques. We decided to talk with Pedro Uria, director of the PandaLabs laboratory, to first learn the main points of his speech at the summit, where he will explain how businesses should ensure their protection, safety and resilience in an era when the main problem is not related to malware.
')
PANDA SECURITY (PS) : What is the most serious challenge facing organizations and enterprises in terms of computer security today?

PEDRO URI (PU) : The biggest challenge is to make them understand that the security of IT assets is a critical task and that they are constantly at risk of attack. According to INCIBE, Spain witnessed a record number of cyber attacks in 2017 with more than 120,000 incidents. Over the past two years, an increase of 140%. The forecast boils down to the fact that in 2018 these numbers will increase, and the attacks will become more and more difficult.

PS : What conclusions should we draw from security incidents resulting from vulnerabilities, as was the case with Equifax ?

P.U. : No organization is completely safe from cyber criminals. Using vulnerabilities to penetrate corporate systems is a common technique. The case you mentioned is the largest data leak of all known. Hackers stole data 147.9 million Americans.

Zero-day vulnerabilities are sold on the Deep Web, and they are a very successful vector of hidden attacks for criminal organizations. For example, Microsoft has just released an urgent patch for this type of critical vulnerability in Windows Defender antivirus for Windows 10. As you can see, even organizations like Microsoft are not completely safe in such critical incidents.

PS : Attacks that do not use malware and fileless attacks are new trends. How can organizations and government agencies deal with them?

P.U. : The problem for the future of information security lies not in malware, but in hackers. They are experts, highly skilled cyber criminals with the required resources, capable of hacking into systems in enterprises and organizations, while remaining undetected, because they do not use malware or files.

To combat them, companies need to protect each of their IT systems with the help of modern solutions with advanced information security features that are capable of real-time continuous monitoring of everything that happens on every computer. They must also be able to determine whether all these processes are legitimate, even if they are executed by legitimate and reliable applications and without the participation of malicious programs.

PS : How can we achieve resilience against malware attempts to evade checks from security solutions?

P.U. : To achieve cyber-resilience, all organization's IT resources must be protected with modern solutions with advanced information security features that are able to detect attacks, prevent them and eliminate their consequences. Similarly, the solution should monitor all processes and actions that the user performs locally on the physical computer in real time. This requires monitoring, controlling and classifying all processes and actions by specialized expert groups, like the PandaLabs laboratory team.

It is also extremely important to train managers, employees and contractors of enterprises so that they are not deceived and do not become unwitting participants in the implementation of attacks.

PS : We are talking about security, protection and resilience, while malware itself is no longer the main issue. And yet: have we already reached such a high level of protection or are malware still the main problem for companies?

P.U. : It largely depends on how mature the company is, how much importance it attaches to information security, as well as what modern IS solutions it uses to protect its infrastructure.
For Panda Security, malware is no longer a major problem due to the high level of visibility we have thanks to our Panda Adaptive Defense solution with enhanced security features, as well as our model for classifying all processes occurring on the end devices we monitor. Thanks to this, we can anticipate attacks and protect the systems of companies that trust us.

Similarly, the Threat Hunting service, which is provided to clients through the Panda Adaptive Defense platform, focuses on detecting new threats, including fileless attacks, as well as attacks that do not use malicious programs.

For other companies, malware as such continues to be a huge problem. Every day there are more and more malware, a growing number of incidents. The trend of 2018 is the increase in the number of incidents and the increasing complexity of attacks.

Do you want to see real incidents of the attacks and the hackers behind them in the PandaLabs lab? Do not miss the performance of Pedro Uriah on PASS2018!

Register on PASS2018