Investigating the Autopsy of a Targeted Cyber Attack
Nov 25, 2016 00:37
A hacking group known as ‘Hacking Team’ posted a detailed overview of how a specific Italian firm was hacked into, on a public forum. Reading the hacking details was a fascinating analysis on its own, but the autopsy of the targeted attack is a definite must for every organisation that manages data security or supports a security policy in place.
Looking into the outline and procedures laid down by the hacker group, a security leader in an organisation who has concerns about such types of attack can look into how the ‘next’ attack can be prevented. If an organisation has suffered a similar data breach in the past, it should look into the following:
• Re-configuration of its common enterprise monitoring tools • Amendments made to log monitoring • Enhancements needed in alert analysis • Augmentationsin its vulnerabilities scanning
In addition to addressing 'if' an attack can take place, a security leader must also ask 'when' the next attack would take place. Once a hacker gets inside a company network, it can manage to cut through digital files, sensitive information and company infrastructure with ease. It is highly important that the inner workings of an organisational infrastructure are safeguarded.
The implementation of firewall logs can provide enhanced warnings of later breaches that are likely to take place. In addition, all software must be appropriately updated and patched in order to prevent vulnerabilities within the network management system. In most cases, data breaches take place because management networks and backup are not segregated as they should be which calls for a clear and demarcated creation of management and operational networks, in order to protect data and organisational infrastructure, particularly when the management network calls for administrative privileges.
One of the greatest challenges every organisation with a data security policy in place is to monitor those individuals with privileged facilities. A number of companies, particularly government related, need security clearances in order to safeguard from insider hazards. In spite of providing privileged users with accounts, it is important to monitor such users’ uses as well as their workstations. This is not because the privileged users are untrustworthy, but for their own protection and to ascertain that they are not being watched by key loggers, phishers, network sniffers and cyber terrorists.
Whenever intellectual property is a target, it is observed that a lot of data gets ex-filtrated. A data protectionor data loss prevention (DLP) solution that is effectively implemented and monitored can greatly diminish the possible and likely impact of a data breach or a document infringement attack.
Every organisation must ensure that necessary steps are taken to strengthen existing data encryption and protection matters on digital files in order to prevent a data breach. More and more organisations must review basic processes and procedures such as the setting of passwords for documents and email attachments-things that normally do not raise eyebrows or are taken notice of due to lack of time, resources or technical information. All security processes must be regularly and periodically scrutinised and reviewed by IT security so that organisational data or customer information is protected at all times.
Author Bio: Carol is a freelance technology writer. Currently, she is working for Locklizard, a reputed DRM technology provider. Please check their website www.locklizard.com for information security guides and document security papers.
A payment gateway can be defined as the infrastructure that allows a merchant to accept credit card and other forms of electronic payments. The e-payments can take place online as well as from the traditional brick and mortar stores. Payment Gateways play an important role in encrypting and transmitting critical information between payment portals and the front end processors/ Banks. Read more
Cutting the cord on expensive cable packages is something more people are opting to do. Now, with the streaming media options available, a lot of people feel like there’s no need to have traditional cable. They have more choices than they could even be able to enjoy and streaming your entertainment versus having a cable package provides cost savings and freedom from a monthly bill. You have access to not just shows, but your favorite movies, entire series, music and more with streaming platforms. Read more
We don’t need to be told that technology has changed the world. We’ve seen it happen over the last century, and we’re seeing it happen today. We’ve seen it in the progression from the world’s first computer, a humongous piece of machinery, to the tiny, advanced computers millions of us carry in our pockets every day. Read more