Let’s face it, the statistics are just not in your favor when it comes to avoiding cyber attacks. Just to cite a few, 85% of those surveyed by Trusted Strategies in September 2009 either had experienced or expected a cyber attack within 36 months. Care to take the 1:6 odds on this table? Combine that with the fact that the number of personal records compromised in cyber attacks jumped 500% in 2009, and I don’t think this is a bet that anyone wants to take. Cyber attacks are now dominated by organized criminal activity, with 91% of the personal records compromised in 2009 linked to organized criminal groups.
And not all attacks are financially motivated, as witnessed by the distributed denial of service (DDoS) attacks launched last week against several sites, including those belonging to Amazon, Mastercard, Visa, PayPal, and others, after those companies terminated WikiLeaks accounts. Given the speed with which these attacks were mounted, it’s beginning to feel like successful attacks can be carried out anytime and anywhere, as long as the motivation is compelling. And it looks as if botnets are being recruited for the DDoS attacks.
So what can you do? Cyber attacks are by their nature designed to be covert, especially those targeting personal or financial data, so identification and elimination can be difficult. Diligence is the key, and there are many ways to keep your guard up. Roland Dobbins, a solutions architect at Arbor Networks, felt the attacks were “able to achieve disproportionate impact due to the unpreparedness of the defenders.” Here are five key ways to help ensure you are doing everything you can to keep the overwhelming odds in your favor.
Processes, Processes, Processes
Even the most sophisticated technological solutions cannot overcome absent, poor or unmonitored processes. In a study done by the Verizon Business RISK team published in July 2010, 67% of network breaches were aided by significant errors, and 87% were considered avoidable through simple or intermediate controls. In other words, they could have been avoided with adequate processes in place and constant validation that those processes are being followed.
Use Network Recorders
Network recorders are appliances designed to capture, store, analyze and mine high speed network traffic. The most capable appliances can capture at greater than 10Gbps, with zero packet loss, and include either large amounts of built-in storage or a SAN interface. Network recorders can be placed at core switches to capture all enterprise traffic, thereby recording a breach even if it is not detected until a later time. With the recording you can determine exactly how the attack happened, what damage has been done and perhaps even the source of the breach.
Establish Network Baselines
It’s really hard to know if something funny is going on with the network if you have no idea of how it normally behaves. Baselines provide a record of how your network is behaving, over time, so you always have a reference at hand for comparison when you suspect something out of the ordinary.
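A minimal sketch of the comparison described above, added here as an illustration and not taken from the original post: it builds a per-hour-of-day baseline (median and median absolute deviation) from recorded traffic volumes and flags observations that fall far outside it. The sample volumes, the 3.5 threshold and all function names are assumptions constructed for the example.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: (hour_of_day, megabytes transferred) over seven days.
HISTORY = (
    [(3, v) for v in (40, 42, 38, 41, 39, 43, 40)]
    + [(14, v) for v in (900, 950, 870, 920, 980, 910, 940)]
)

def build_baseline(samples):
    """Return {hour: (median, MAD)} so each hour is judged against itself."""
    by_hour = defaultdict(list)
    for hour, value in samples:
        by_hour[hour].append(value)
    baseline = {}
    for hour, values in by_hour.items():
        med = median(values)
        mad = median(abs(v - med) for v in values)
        baseline[hour] = (med, mad)
    return baseline

def deviation(baseline, hour, value):
    """Robust z-score of value against that hour's baseline, or None if the
    hour has no history (itself worth a look)."""
    if hour not in baseline:
        return None
    med, mad = baseline[hour]
    scale = 1.4826 * mad  # makes MAD comparable to a standard deviation
    if scale == 0:
        return 0.0 if value == med else float("inf")
    return (value - med) / scale

def flag(baseline, observations, threshold=3.5):
    """Return observations with no baseline or beyond the threshold."""
    flagged = []
    for hour, value in observations:
        z = deviation(baseline, hour, value)
        if z is None or abs(z) > threshold:
            flagged.append((hour, value, z))
    return flagged

if __name__ == "__main__":
    base = build_baseline(HISTORY)
    # 900 MB is ordinary at 14:00 but far outside the 03:00 baseline.
    today = [(14, 960), (3, 900), (3, 41), (22, 100)]
    for hour, value, z in flag(base, today):
        print(f"hour {hour:02d}: {value} MB, deviation {z}")
```

The same volume is flagged or ignored depending on the hour it is compared against, which is the reason to keep the baseline over time and not as a single network-wide average.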
Monitor Security on Both Sides of the Firewall
Most security solutions are designed to monitor traffic traversing the firewall. Though this does a good job of protecting you from external threats, it does nothing to prevent threats from within, which, according to the Verizon Business RISK Team report, resulted in 20% of the network breaches. Packet-level monitoring and analysis solutions installed at key network and data center connections can provide detailed security data as well as overall network monitoring and troubleshooting to secure your entire network.
Watch for Minor Policy Violations
Industry studies indicate a correlation between minor policy violations by employees, like illegal content on a corporate computing asset, and more serious data breaches down the road involving the same computing asset. This could be due to malicious behavior, but is just as likely to be due to careless activity on the computing asset that eventually makes the asset vulnerable. Constantly monitoring for minor policy violations can protect you from more serious breaches down the road.