This Is No Time to Skimp on Security

Have you been paying attention? Security threats around the world have changed over the past few years. One of the fundamental differences is that the motives for security breaches have multiplied.

Where once they were almost entirely a criminal means of monetary gain, today they are also driven by international tensions, ideological vigilantism and the desire to embarrass organizations and governments -- with individuals, groups and even countries using electronic means as a form of aggression.

Who knows what groups like Anonymous, AntiSec and LulzSec will target next? Who knows what other countries or nationally focused groups might target U.S. interests -- public or private -- using cyber sabotage and warfare techniques, such as those reportedly set in motion by Stuxnet.

Recent examples of companies, organizations and websites that have been hacked include Booz Allen Hamilton, the CIA, Citigroup, Epsilon, Google, Honda, the IMF, Lockheed Martin, NASA's Jet Propulsion Laboratory, NASDAQ, PBS, the Pentagon, RIM's BlackBerry blog, RSA, Sony and the U.S. Senate.

On Aug. 2, security vendor McAfee released a white paper (download PDF ) in which threat researcher Dmitri Alperovitch chronicled a hacking campaign dubbed Operation Shady RAT that penetrated 72 organizations in 14 countries over the past five years. Alperovitch wrote: "I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact."

McAfee competitors Kaspersky and Symantec criticized the report for implying that the Shady RAT hackers had done something sophisticated and out of the ordinary. While that suggests that security vendors are more concerned with outdoing one another than with showing how their systems can protect enterprises , no one is disputing that long-term hacking not only exists but is commonplace.

An Aug. 5 Computerworld story by Gregg Keizer (" Shady RAT Hacking Claims Overblown, Say Security Firms ") quoted Symantec researcher Hon Lau: "While [the Shady RAT] attack is indeed significant, it is one of many similar attacks taking place daily. Even as we speak, there are other malware groups targeting many other organizations in a similar manner."

Still not convinced that your company is surrounded by a rising tide of security threats? In its May 2011 report on worldwide and U.S. security, IDC said that enterprises "already know that antivirus tools don't work against advanced persistent threats (APTs) and other malicious threats and that they are vulnerable to becoming part of the 70% of organizations that have been breached in some way.... The changing and persistent nature of those with malicious intent makes it very challenging to stay ahead of security threat management."

IT organizations need to rethink their security protections, and especially their assumptions about who and where threats come from and what may be motivating them. Five-year-old assumptions could easily get a company into trouble.

As if all that were not enough to contend with, IT budgets are tight at many companies. Here, then, are two considerations to keep in mind as you head into budget season: First is the question of how much a security breach would cost your company. Second is the fact that seven out of 10 companies have already experienced a security breach.

Scot Finnie is Computerworld's editor in chief. You can contact him at and follow him on Twitter ( @ScotFinnie ).

Read more about security in Computerworld's Security Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Cybercrime and HackingBooz Allen HamiltonNASAmcafeeGooglesecurityHondalockheed martinsonycitigroup

More about APTASABlackBerryEpsilon InteractiveGoogleHonda AustraliaIDC AustraliaIMFKasperskyKasperskyLockheed MartinMcAfee AustraliaNASAResearch In MotionRSASonyStrategy&SymantecTopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Scot Finnie

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts