BLACK HAT USA — Las Vegas — With presentations on a variety of vulnerability research, malware analysis, and new attack techniques, Black Hat USA tends to be a security conference for analysts and managers from large firms and security vendors.
Yet, while the security experts that attend the conference are unlikely to work at small and midsized businesses, the attack-oriented research that debuts at Black Hat does hold lessons for smaller companies. The first lesson: SMBs are being targeted by attackers as well. In fact, size has less to do with whether a company is targeted than their business and their intellectual assets, says Joe Stewart, director of malware research for Dell Secureworks, a managed security service provider.
At the conference, Dell Secureworks disclosed details about a botnet, dubbed Comfoo, that has existed for more than seven years, attacking large companies and government organizations. Yet, smaller organizations should be wary as well, he says.
“It doesn’t matter how big your business is, it’s how interesting you are to the competition,” he says.
The annual security report released by Symantec has shown that SMBs are at risk of attack, with half of all targeted attacks detected by the firm focusing on SMBs, according to its Internet Security Threat Report.