Target located: The growth of the targeted attack

In 1971, John Draper used a whistle, found in a cereal box, to reproduce a 2,600 Hz tone able to allow phreaks to make free calls -- wire fraud was born. This was a man acting on no other motive than personal gain, but how the game has changed. Just last year, oil giant Saudi Aramco suffered a very serious and very public cyber attack, which floored 30,000 machines. This was a very sophisticated and organised act of cybercrime.

The growth of targeted attacks has been documented in the global press, but the severity is possibly understated. Last year, the former US defence secretary, Leon Panetta, said that a "cyber Pearl Harbour" could one day take place. Others have since stated that cyber warfare is as much a priority as physical acts of terrorism.

So serious is the risk that many government bodies are now recruiting the services of dedicated cyber-security officers to keep a full-time eye on assets.

"The cyber-threat landscape, now a complex tapestry encompassing a broad range of elements, has both public and private sector organisations in every industry sector on the hunt for tactical and strategic solutions that ensure protection of their critical assets," says Dr. Mahir Nayfeh, Vice President, Booz Allen Hamilton, MENA.

And as Franz Erasmus, Practice Manager, Security Solutions, CA Technologies, says, the movement of the digital age has of course played into the hands of the hackers, given the increasing number of avenues they are capable of infiltrating.

"Organisations and states started realising how dependent and vulnerable they are with the en masse movement of even the most basic of government services to a computer-based structure," he explains.

Rob McMillan, Research Director, Gartner, says the frequency of cyber-attacks has increased along with the complexity, which has caused serious issues for government entities.

"There has been an exponential increase in the frequency of cyber-attacks. The Y2K era saw a huge surge in viruses or trojans like ILOVEYOU, Anna Kournikova or CODE RED, which had major impacts in terms of disruption across the globe.  However, the attacks have not only increased in frequency but they have progressed from simple-unstructured to advanced-structured to complex-coordinated over the past few years. Hackers are often paid for causing sabotage and therefore their intentions and determination are undeterred," he says.

Regionally, the Middle East has been at the height of some high profile attacks -- whether acts of cyber-war or large government attacks, such as the Aramco story mentioned earlier. Nicolai Solling, Director of Technology Services, help AG, believes that the media plays a crucial role in addressing these attacks.

"Awareness has always been the key to efficiently combating cyber-crime and the media coverage of high-profile attacks across the Middle East over the last couple years has definitely caught the attention of IT departments. Because of this, one of the strong security trends in the region has been the increasing implementation of security standards such as the ADSIC initiative in Abu Dhabi and the ISO/IEC 27,001 certificates in the U.A.E. and other Gulf states," he says.

However, the ways and means of addressing such breaches can still be improved, he says.

"What is often surprising and worrying, however, is that many organisations choose a reactive approach to security issues instead of actually addressing the problem through architecture and policy. A good example here is the issue of advanced malware or zero-day attacks -- everyone knows that they are there, but only a few organisations proactively address the issue."

Global red alert

"President Obama promised more cash for cyber-wars in the U.S. 2014 military budget. And the U.S.A. is not the only country who cares about the matter."

It's clear from this quote by Alexander Zarovsky, Head of International Business Development, InfoWatch, that targeted cyber-crime is now officially a top-level priority for the largest states and governments. Obama's recent budget proposals suggest that although overall spending has been cut by $3.9 billion, cyber defence efforts have seen an $800 million boost, taking the budget to $4.7 billion.

Moreover, this action has been replicated more locally -- and to an impressive standard.

"Both governments and enterprises are treating cyber-crime as a very serious issue. Here in the U.A.E., we have seen that the government has in the last year enacted two new security laws -- (i) Law No. 5 of 2012 Concerning Combating Information Technology Crimes (Cyber-crimes Law) and (ii) Law No. 3 of 2012 on Establishing the National Electronic Security Authority (E-Security Authority Law) -- that relate specifically to cyber-crime. In fact, the country has even ranked fourth internationally for cyber-security," says Chris Moore, Regional Sales Director, Blue Coat.

He continues, "Although most of what has been reported in the last year has related to attacks on government and public sector organisations, there has been a lot of cyber-criminal activity targeted at enterprises. Of course, these figures are hard to come by given that no organisation would willingly and openly discuss vulnerabilities in its IT infrastructure. Still, there are ongoing discussions within the IT community and security is a topic that is definitely a top priority for IT decision makers."

Defending complex attacks

The increasing sophistication of targeted attacks does call for a more focused and intelligent approach to defence. However, Miguel Barojos, Vice President of Sales, SEMEA, SafeNet, believes these defences are coming.

"The lack of physical barriers in the digital world makes it easy to replicate the attacks that happened in the U.K. one week to the Middle East the next one, but I believe that we will also see sophistication in the cyber-defence infrastructure being built in the future to overcome the threat," he says.

Corey Nachreiner, Director of Security Strategy, WatchGuard, adds, "I believe there is much more awareness and interest in information and network security. Companies in that region are realising that firewalls alone are not going to prevent attacks, and that they need to invest in more technology and people to protect themselves from these cyber-risks. As a result, I believe the region is investing more in cyber-security, and I've seen more security companies and professionals start to develop in the Middle East."

The argument between whether states are lacking behind in the cyber-war or not could and will rage on. Every time a major government entity is attacked or coverage of a large enterprise breach is publicised, the argument is going to resurrect.

It's difficult to know exactly how far we are in our defences as the organised cyber-crime scene is a constant battle.

"We're at the beginning of the road when it comes to stomping out these kinds of attacks, but the good news is that attackers are also at the beginning of their own road. Many cyber-espionage tools and kits are still to be developed, so governments should scrutinise even what seems to be a tiny piece of the network," explains Catalin Cosoi, Chief Security Strategist, Bitdefender.

Getting owned

One highly attractive victim for hacktivists is of course security vendors themselves. This is an example of how sensitive the security threat landscape is. How publicly can a security vendor discuss a breach? Hacktivists are constantly pushing the boundaries, making it harder and harder for companies to defend themselves.

The future of cyber-crime may look bleak depending on what view you take. But it's no secret now that governments and enterprises are fully aware of the severity of the situation. Whether or not enough budget will be granted or enough resources will be considered to properly combat this, it's a waiting game.

Join the CSO newsletter!

Error: Please check your email address.

Tags security

More about Blue Coat SystemsCA TechnologiesGartnerISOSafeNetStrategy&TechnologyWatchguard

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Joe Lipscombe

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place