Cyber intruders now use in-country assets to mask their location, making attribution challenging. If the state actor has a grudge that they want to air, then they will use their own addresses to get their message across to the company and government.
On the surface, last week’s data breach at the US Office of Personnel Management (OPM) might seem like just another cyber attack, like those which affected Target, Home Depot and many others. However, the ramifications of the OPM breach, allegedly perpetrated by Chinese hackers, are potentially more sinister.
I allege that with only a few minor changes in organizational IT behavior and the use of security automation, most zero day attacks can be converted from PR catastrophes into mere nuisances.
However, even once you accept the fact that the bad guys are going to get into your network, you can significantly mitigate the damage done. Here are some tips to bolster your organization’s IT security posture.
Cyber-defense today is not about stopping intrusions. It is about creating architectures and processes that minimize losses and limit how far into the network intruders can go after they do manage to penetrate the perimeter with zero day attacks and similar exploits.
Financial services security must now be built and operated at the level of national defense and military-level security; commercial compliance and mitigation are no longer effective strategies.
The analogy I like to use for IT security in today’s organizations is that of a candy with a hard shell and gooey interior. Attackers now know how to break through the outer security – the shell. Since the interior security is weak, or gooey, complete control over most systems can be obtained in a matter of minutes.
The Chinese cyber attack on Canada demonstrates the reason why privileged account passwords should never be shared among employees, or left static and unchanged. In the description of this attack, hackers were able to gain access to sensitive systems via access to these credentials.