Cost of malware makes endpoint detection and response a priority

by Charles Leaver

July 7, 2014


When it comes to implementing endpoint threat detection and response measures, it's not really a choice for businesses anymore. Instead, it's an absolute necessity. The global proliferation of cybercrime has ushered us into an age of constant threats. If your company isn't well guarded, it could easily become the next victim of a major breach. And just as the number of attacks out there is increasing, so too is the cost of each incident. As the recent actions of a cybercrime ring in Brazil suggest, the monetary damage of such intrusions is only on the rise.

'Boleto Malware' wreaks havoc in Brazil
In Brazil, many people conduct payment transactions through money orders online. Because this form of payment is so popular, it should come as no surprise that it was also a prime target for hackers. According to ZDNet, a crime ring focusing on the interception of these money orders, called Boletos, has so far netted the criminals an estimated $3.75 billion. The enormous cost of this incident points to the truly limitless power of cybercriminals if they are left unchecked.

The hackers were able to amass so much in stolen currency in this incident because they conducted their malicious business undetected for long periods of time. In fact, the Boletos malware has been an ongoing problem for two years, during which very little has been done to slow its momentum. A report released by RSA states that one of the greatest advantages the criminal ring carrying out this attack has is that its malware is extremely challenging to detect, both for customers and banks. From the perspective of customers, a Boleto validation screen that is maliciously infected will, the RSA report points out, look no different from your average payment screen. Once the fraudulent payment arrives at the bank, the hackers rely on the popularity of Boletos to help elude detection.

"Boleto payment is highly popular in Brazil, and there are dozens of payments made by a customer each month," the report said in explaining why banks generally overlook the malware.

So far, according to ZDNet, there are 34 Brazilian banks directly impacted by this criminal strain. Over the two years since it arrived on the scene, the Boleto malware is estimated to be responsible for almost 500,000 transactions.

"Cybercrime is a lot more rampant in Brazil than it is in the United States, and in many ways Brazil has been the trendsetter in cybercrime," Gartner cybersecurity analyst Avivah Litan told The New York Times.

That may be the case, but if anything, this episode in Brazil sends a message to businesses around the globe to firm up their defenses.

Companies are showing greater prioritization of cybersecurity
Fortunately, it looks like companies are beginning to grasp the vital importance of endpoint threat detection and response, and to plan accordingly. According to Investment News, the 2014 Investment Management Compliance Testing Survey found that 74 percent of respondents considered cybersecurity one of the foremost concerns of compliance. This number represents a meteoric rise from the mere 14 percent of respondents who prioritized cybersecurity last year, and points to a growing awareness among businesses that enterprise security and guarding company endpoints are not something that can be relegated to the bottom of a priority list.

"There have been so many high-profile cybersecurity breaches in the news, not just in the financial services sector, but more broadly, such as with Target," Laura Grossman, assistant general counsel of the Investment Adviser Association, said in explaining the huge increase in business security focus.

Hopefully next year this number will rise from 74 percent to the full 100 percent it deserves.