Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Intimate Network Knowledge Required To Prevent Sophisticated Cyber Attacks

LogRhythm : 09 March, 2011  (Technical Article)
LogRhythm comments on the recent G20 cyber attack on the French government and reccommends improved log management for improved network event visibility as a means of preventing such attacks

France’s Budget Minister, Francois Baroin, has confirmed that the French Ministry of Economy, Finances and Industry has been the victim of a ‘spectacular’ cyber attack since December 2010, aimed at extracting G20 files.  The minister indicated that the attacks came from addresses located outside of France while Patrick Pailloux, director general of the French National Agency for IT Security stated that it was the first attack to have targeted the French state on such a scale.


Ross Brewer, vice president and managing director of international markets at LogRhythm, warns that this kind of bold attack represents a sign of what is to come, as cyber warfare attempts between states increase in frequency and complexity .


“As hackers become more sophisticated in their attempts to steal data, government bodies and indeed entire states are increasingly at risk,” said Brewer.  “The external attack on the French government and the G20 nations shows that cyber warfare can strike at anytime and originate anywhere. The traditional methods, such as anti-virus solutions and firewalls, aren’t infallible and they simply aren’t enough to ensure network security. Nation states therefore need to accept the inevitability of data breaches and take new courses of action to prevent similar incidents, which are both dangerous and embarrassing for the afflicted organisation.”


Although the French government appears to be making progress in tracking down the hackers responsible for this attack, the damage, unfortunately, will already have been done.


“Since the attacks began in December and have only just been blocked, the hackers have enjoyed a substantial holiday period during which to obtain confidential information,” continued Brewer. “This delay in identifying and putting a stop to the breach is unacceptable and the provisions taken to ensure the security of the French systems are quite clearly insufficient.  Instead of relying on those traditional methods of security, in the hope that breaches will be fenced out, organisations need to learn to recognise breaches in real-time, so that appropriate action can be taken immediately. The only way to do this is to develop a comprehensive understanding of what normal operating procedures look like, so that organisations can spot aberrations as soon as they occur.”


“Unfortunately, many organisations are wasting the very resource that would enable them to do this.  The IT systems for networks such as those of government bodies produce millions of logs each day, which, when collected and analysed via a centralised log management solution, provide an insight into every level of activity. This data is then used to identify suspicious or unexpected events before alerting to and reporting on them. Using this kind of system ensures that attacks like those aimed at the G20 data are immediately recognised as anomalous activity and damage limitation can commence at a far earlier stage.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo