Every year the threat landscape gets more sophisticated. In the early 2000s, when the world was getting online, attacks were much easier to spot. Executed mostly by Amateurs, the lack of security technology allowed them to be noisy. Unsophisticated detection techniques allowed common attacks to be run off of scripts that were shared within the hacker community. In addition, the business of black market data was in its infancy – leaving the majority of attacks to be untargeted and focused on curiosity and mischief. Over the past 10 years, security technology has become more sophisticated. Intrusion prevention systems now inspect packets and files, endpoint security has moved beyond simple Anti-virus to comprehensive security suites and organizations have learned that looking at security activity is important.
As security has grown more sophisticated, so has the business of cybercrime, the attackers and the techniques used to steal data, take down systems, and perform hacktivism. Attackers are now professionals – and the tools they use, such as Zeus, have followed suit. Attacks today are stealthy and targeted with a purpose.
No longer can prevention techniques alone serve to protect enterprises. Finding this new “needle in a stack of needles” requires an intelligent use of security data.