Opinions: Even More Reason to Get Protection

Ian Hyndman ~ Enex TestLab (UK Laboratory)

Most modern day cyber attacks tend to target organisations and governments with the explicit purpose of stealing information and causing disruption.  As a consequence, governments have had to reassess their stance on cyber crime, and many are attempting to tackle the problem directly.

In the latest budget, the UK government announced an estimated £500 million will be made available to help fight the war on cyber crime. This is a substantial allocation, suggesting that cyber crime is a bigger problem than the average person might be aware of. It is refreshing to see that the threat is being taken seriously.

Recently, Symantec and Websense (among many others) have announced they expect an increase in attacks in during 2011. This has been backed up with the UK’s intelligence centre (CESG) saying that it has seen a massive rise in the number of attempts made to infiltrate UK government and industrial targets over the past year.

The types of attacks occurring are very advanced, with viruses/worms such as Zeus, Aurora and Stuxnet deliberately targeted at infiltrating businesses and key infrastructure.
These malware are specifically designed to hide from detection devices and software, making them significantly harder to manage.  They also mutate into different strains, allowing them to survive far longer in the wild.  The Stuxnet worm is said to be one of the most advanced pieces of malware seen to date.  Iit is a sophisticated worm that has the ability to actually change its code and hide these changes afterwards.  Currently, this type of technology infects thousands of computers worldwide. It is the sort of cyber-attacks seen in sci-fi films through the 80’s and 90’s, they really may be becoming a reality.

In November 2010 the UK Intellectual Property Office was hit by a cyber attack which took down its website and services for several days.  It was almost certainly a targeted attack due to the ferocity and damage it caused.  And this is but one of the many attacks that take place worldwide on a daily basis.
Most of the current targets are generally big business and government - organisations that hold information worth a lot of money.  But, as this kind of malicious technology spread, my fear is that it will begin to be used against any company holding useful data – big or small. Even a list of email addresses can be valuable to the right customer.

To combat such attacks, all businesses have to enforce strict security policies.  That isn’t to say they need to have expensive equipment, but they do need to ensure that all employees are being vigilant.  A good security policy should contain instructions on acceptable internet use along with guidance on the correct use of memory sticks and personal equipment brought in to the work place.  Nothing should be plugged in to a PC that hasn’t been virus checked.

One of the most important defences against attack is to ensure that all PCs, workstations and servers are fully patched with the latest security updates (operating system and anti-malware solutions).  Usually, it is vulnerabilities in operating systems and security that most attackers look to exploit.
Even though malware is becoming more advanced, the best ways to combat it continues to be much the same.  It is probably true that the Stuxnet worm outbreak was cause by unchecked laptops and memory sticks being used on the corporate network.

If a user is vigilant (scan all files before opening, don’t open email attachments from unknown senders, and keep your anti-malware solution up to date) you are about as safe as you can be whilst still being connected to the internet.

Just like anything in the world of IT, malware is evolving. It is always up to users to ensure they take the precautions necessary to safe guard themselves until anti-malware vendors catch up with what’s being found in the wild.

Join the CSO newsletter!

Error: Please check your email address.

Tags cyber attacksOpinionssymantecsecuritysecurity policiescyber crimeUK governmentmalwareUK Intelligence centre (CESG)websense

More about Enex TestLabetworkSymantecWebsense

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ian Hyndman

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts