Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Preventing Cyber-Espionage

SecureWorks : 18 October, 2010  (Technical Article)
SecureWorks CTO provides an explanation of the cyber espionage threat to government bodies and major organisations and offers advice on how to avoid such a threat
Jon Ramsey, CTO of SecureWorks comments: "Cyber espionage focuses on compromising systems, and so attackers often use discreet malware, such as trojans, to infiltrate the networks of military, government, corporate or industrial organisations in an attempt to gain state secrets or intellectual property. After a system is compromised, sensitive intelligence can be collected and transmitted back to the attackers, and systems can be sabotaged or the information can be modified or destroyed. Distributed Denial of Service (DDoS) is a common method used to disrupt the flow of information which in turn disrupts the operations that rely on that information. All of these attack tactics were used in the Russia/Georgia conflict in August 2008. In addition to the military attacks launched against Georgia by Russian forces, key Georgian government websites and media outlets were taken offline by DDoS attacks (including the president's website) ,and government data servers were compromised and data was stolen. The cyber attackers also defaced multiple government sites and hosted fake Georgian web pages containing misinformation and propaganda."

"Since IT has become such a critical component of national infrastructures which support government, commerce and the military activities, any cyber-attack that disrupts the flow of information, or successfully combines a physical and electronic assault on the system, could effectively compromise an organisations ability to operate. As a result, nations have debated the need for a national 'intranet' that would support critical infrastructures such as finance, utilities, health and transportation."

To ensure organisations are fully protected against any type of attack, SecureWorks would recommend the following measures are implemented:

1 Partner with information security experts to fully understand the threat landscape while making use of their visibility across their entire client base
2 Know which assets need to be protected and the operational risk associated with each
3 Know where your vulnerabilities lie and fix or mitigate with a defense- in- depth strategy
4 Understand the adversaries evolving tactics, techniques, and procedures allowing you to reshape your defensive countermeasures as required
5 Be prepared to prevent an attack or respond as quickly as possible if you are compromised. While prevention is preferred; rapid detection and response is a must.
6 Have a fall-back plan (business continuity plan) for what you will do if you are victim of cyber war
7 Determine if your organisation is prepared to disconnect from the Internet if needed, and ensure that your business is able to operate solely on the Intranet.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo