New Security Approach Needed For Espionage Viruses

LogRhythm : 30 May, 2012  (Technical Article)
Following the emergence of the latest Flame malware, which targeted Iran, LogRhythm proposes changes in the way security tools are used.
Yesterday it was reported that Iran had uncovered a new and extremely sophisticated malware attack, dubbed ‘Flame’, targeting its IT systems. This follows on from two other high-profile cyber attacks – Stuxnet and Duqu – dating back to 2010. The malware is now in the process of being removed, but the research indicates that the attack could have been the cause of various recent incidents of mass data loss in Iran.

The Iranian Computer Emergency Response Team (Maher), which discovered the attack, claims the malware had avoided detection by 43 different anti-virus tools.

Ross Brewer, managing director and vice president, international markets, LogRhythm, made the following comments:

“As cyber warfare continues to escalate, criminal tactics are becoming increasingly damaging and sophisticated. The fact that Flame avoided detection from 43 different anti-virus tools and took more than two years to detect is simply unacceptable in this day and age, and acts as solid proof that traditional perimeter defences such as anti-virus software just aren’t enough.

“This discovery once again highlights how critical it is to have a clear view of every single event that occurs across an organisation’s entire IT estate at all times. Having this constant 360 degree visibility of IT network log data means that organisations can monitor all anomalous cyber activity. Rather than just keeping threats out – which clearly no longer serves as an effective security strategy – data security now depends on addressing any potential threats in real time. This enables proactive identification, isolation and remediation of any potential cyber threats the moment that they occur – rather than having to depend on reactive perimeter solutions that can miss sophisticated malicious components such as Flame.  

“Having such an in-depth holistic insight into IT networks also gives organisations the actionable intelligence to effectively conduct forensic investigations into cyber attacks. With much finger-pointing at various nation states around previous cyber attacks on Iran, inaccurate accusations could inflame already-tense diplomatic conflicts and may even incite military aggression. The continuous monitoring and advanced correlation of IT log data can offer the insight required to piece together seemingly isolated events, ultimately facilitating deep forensic analysis into increasingly sophisticated cyber attacks. Only with this level of network visibility can attacks be accurately attributed to the correct perpetrators.”