How to fight back against business cyber threats in 2014…
Over the last 24 months, the ICT industry has seen an increase in the number of websites hacking globally, with hackers having motives ranging from political reasons to malicious intent of stealing critical data.
Ultimately, there are many ways to compromise websites as Anonymous and other politically motivated actors have done in the past.
According to network security company Palo Alto Networks, what the industry knows for sure is that the attacks we are seeing across Asia at this very moment are intended to embarrass the targets - such as the Australian government - for whatever reasons the hackers have made known.
"In general, these attacks we are seeing today are focused on finding known vulnerabilities or stealing an administrators’ password within the networks," says Gavin Coulthard, ANZ managing engineer, Palo Alto Networks.
"These are not particularly sophisticated attacks as opposed to more complex ones we have seen involving slow, persistent attacks focused on the acquisition of intellectual property and trade secrets via coordinated use exploits, malware and custom hacking tools.
“In the case of hacktivists, the hackers in this case don’t need anything particularly exotic; all they need to do is control the web server so that they can post their political messages and attract attention to these websites.”
According to Coulthard, the real challenge is that governments must deal with both types of attackers – the politically motivated hacker looking to make their attack as public as possible, as well as the sophisticated attacker who will use any techniques possible to remain silent during his attack.
“To effectively counter cyber threats and attacks proactively, governments and businesses need coordinated security that seamlessly controls both known and unknown threats and which can quickly share threat intelligence across the globe so others can benefit from the shared knowledge," Coulthard adds.
“Hacktivism season is once again in full swing. It’s crucial for organisations to know what they are up against and safeguard data as much as possible.”
Check out Palo Alto Networks' five tips to change your organisations mindset for 2014:
• Remember that hackers can only be as successful as a company is remiss. A strong cyber security platform/practice and diligence is a company’s best offence.
• Apply the right security solution everywhere, security matters across the organisation.
• Successfully bridge the communication gap between business and security staff. Organisations that do this will be most effective in combating the explosion of cyber attacks.
• Remember security is not a one-time project; it’s a practice.
• Be familiar with the ASD Top 35 Mitigation Strategies and ensure these initiatives are incorporated in your FY14 plans where opportunities exist.