Targeted cyberattacks that use sophisticated social engineering techniques to exploit network vulnerabilities are creating advanced persistent threats (APT) to enterprise security models like never before. According to the article, “Targeted cyberattacks test enterprise security controls,” these threats pose a more immediate danger to sensitive data of U.S. commercial entities than a full-fledged cyberwar. George Kurtz, a long time colleague of mine and CTO of McAfee, expects these types of attacks to continue.
“These attacks have demonstrated that companies of all sectors are very lucrative targets. [APTs are] the equivalent of the modern drone on the battlefield. With pinpoint accuracy, they deliver their deadly payload, and once discovered — it is too late.”
One of the methods the article suggests to protect systems from targeted attacks is using a whitelist to allow specific traffic over its networks while excluding everything else. Continue reading this post…
Escalating revenue losses from cyber crimes and understaffed network security teams have Indian companies more concerned about cyber attacks than terrorism.
In the article, “Cyber attacks worry firms more than terrorism,” the “2010 State of Enterprise Security Study” conducted by Symantec Software Solutions Pvt. Ltd. found that 42% of companies representing industries such as telecom, hospitality, manufacturing, retail and technology perceive cyber attacks as the biggest threat to their enterprises.
One reason cited was the lack of adequate network security. Over the past year, 66% of companies surveyed said they had experienced cyber intrusions while 51% reported repeated attacks. The study also pointed out that deployment of enterprise security has turned into a difficult task for many organizations. Said Vishal Dhupar, managing director at Symantec:
“Enterprise security is understaffed and the most affected areas in organizations are network security, web security and data-loss prevention. To tackle the issue, companies need to secure their messaging and web environments and defending critical internal servers. They should also have the ability to back up and recover data and respond to threats rapidly.
With the rise in malicious attacks targeting sectors that can have a significant impact on India’s economy, one has to wonder if cyber attacks and terrorism weren’t one in the same. As I mentioned in a recent blog, “Are we in a cyberwar or not?” cyber threats continue to have a growing impact on our nation’s economy and global competitiveness. Although U.S. Cyber Czar, Howard Schmidt, may not think we are engaged in cyber warfare, the impacts from targeted attacks are being felt everywhere, and are top IT concerns for many organizations and nations around the world.