Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Insider Presence Hack on IMF Requires New Approach

LogRhythm : 14 June, 2011  (Technical Article)
LogRhythm comments on the IMF hack and the role of log management in the detection of insider breaches, whether real or virtual
This weekend the IMF announced it had been subject to a sophisticated cyber attack earlier this year. The hack was designed to create a “digital insider presence”, compromising at least one desktop and generating suspicious file transfers.

 

Ross Brewer, vice president and managing director for international markets, LogRhythm, has made the following comments:

 

“The IMF has revealed very little about this incident but with the FBI now involved, and the World Bank cutting its network connection to the organisation, we can safely assume that the attack is of a serious nature. As yet another high profile organisation falls victim to a data breach we are once again forced to question whether it is actually possible to protect data from hackers. The sheer number of headline grabbing incidents suggests that attempts to prevent cyber attacks from occurring in the first place may be ineffective and that a new approach is required.”

 

“There are some calls for employees to play a bigger role in detecting suspicious activities. While it is always helpful for staff to be alert, this misses the point - organisations already have all the information required to spot and fight breaches at their disposal. The key to stopping hacks before they have a chance to do serious damage is stored in the log data generated by IT systems. These provide the traceability required to spot patterns of suspicious behaviour in real-time. Due to the volume of logs generated it is essential organisations have centralised, automated systems in place that can provide the 360 degree visibility needed to identify and respond to increasingly sophisticated attacks.”
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo