itb-nz logo
Story image

'No magic bullet' to prevent cyber attacks, says analyst

15 Jun 2011

Following recent cyber attacks on a number of high profile organisations ranging from the International Monetary Fund (IMF), Lockheed Martin, Citigroup and Sony, the importance of airtight security measures online has been brought to the fore - but analysts warn there is 'no magic bullet' to prevent more attacks.

Graham Titterington, principal analyst for business and technology consultancy Ovum, said improving coding standards of applications is a "major step" towards better security for internet-facing applications.

"Monitoring data movements, data encryption, and data loss prevention systems can also reduce the loss of information directly from electronic systems, particularly with regard to high volume theft," said Titterington. "In [the IMF's case] it appears to have flagged the data breach, but not soon enough to prevent the damage being done."

Titterington warned that the technologies themselves are not "universal panaceas".

"Encryption is only as good as key management and brings the risk of losing all access to your data if you lose the key. People are people and have innate vulnerabilities with respect to trusting the wrong people, accepting inducements, or simply having more pressing concerns at the time they are approached."

The IMF cyber attack is thought to have been undertaken at the behest of a foreign government agency, though in the case of Sony, at least some of the attacks came from the hacker collective LulzSec. The US Pentagon asserted earlier this month that it will treat cyber-attacks as acts of war.