Investigating the Autopsy of a Targeted Cyber Attack
Nov 25, 2016 00:37
A hacking group known as ‘Hacking Team’ posted a detailed overview of how a specific Italian firm was hacked into, on a public forum. Reading the hacking details was a fascinating analysis on its own, but the autopsy of the targeted attack is a definite must for every organisation that manages data security or supports a security policy in place.
Looking into the outline and procedures laid down by the hacker group, a security leader in an organisation who has concerns about such types of attack can look into how the ‘next’ attack can be prevented. If an organisation has suffered a similar data breach in the past, it should look into the following:
• Re-configuration of its common enterprise monitoring tools • Amendments made to log monitoring • Enhancements needed in alert analysis • Augmentationsin its vulnerabilities scanning
In addition to addressing 'if' an attack can take place, a security leader must also ask 'when' the next attack would take place. Once a hacker gets inside a company network, it can manage to cut through digital files, sensitive information and company infrastructure with ease. It is highly important that the inner workings of an organisational infrastructure are safeguarded.
The implementation of firewall logs can provide enhanced warnings of later breaches that are likely to take place. In addition, all software must be appropriately updated and patched in order to prevent vulnerabilities within the network management system. In most cases, data breaches take place because management networks and backup are not segregated as they should be which calls for a clear and demarcated creation of management and operational networks, in order to protect data and organisational infrastructure, particularly when the management network calls for administrative privileges.
One of the greatest challenges every organisation with a data security policy in place is to monitor those individuals with privileged facilities. A number of companies, particularly government related, need security clearances in order to safeguard from insider hazards. In spite of providing privileged users with accounts, it is important to monitor such users’ uses as well as their workstations. This is not because the privileged users are untrustworthy, but for their own protection and to ascertain that they are not being watched by key loggers, phishers, network sniffers and cyber terrorists.
Whenever intellectual property is a target, it is observed that a lot of data gets ex-filtrated. A data protectionor data loss prevention (DLP) solution that is effectively implemented and monitored can greatly diminish the possible and likely impact of a data breach or a document infringement attack.
Every organisation must ensure that necessary steps are taken to strengthen existing data encryption and protection matters on digital files in order to prevent a data breach. More and more organisations must review basic processes and procedures such as the setting of passwords for documents and email attachments-things that normally do not raise eyebrows or are taken notice of due to lack of time, resources or technical information. All security processes must be regularly and periodically scrutinised and reviewed by IT security so that organisational data or customer information is protected at all times.
Author Bio: Carol is a freelance technology writer. Currently, she is working for Locklizard, a reputed DRM technology provider. Please check their website www.locklizard.com for information security guides and document security papers.
If you are looking forward to rank your website on top, you might have asked SEO experts a common question – how much time does it take to reach the top rank on Google? The answer is complicated and can never be definite. Read more
It is, without doubt, evident that SEO has had a massive impact in the internet world today, so much that emerging website owners are already informed on techniques like keyword SERP tracking to give the ultimate SEO value to their site. Additionally, useful tools have come up, such as the social network checker that allows web owners, bloggers, small business owners as well as large enterprises check whether the content they share on social media have an impact on their overall digital marketing strategy, and it is affecting the overall ranking of their sites. Read more
Demand for 3D printing has exploded in recent years with hundreds of new 3D printer producers being developed to help meet this huge growth in demand. So, who are the new trailblazers in the industry? We take a look at the top five manufacturers of 3D printers, who are set to shape the industry with new products and innovations. Read more