DDoS attacks can often hide a more sinister and more damaging attack – where the DDoS actually acts as a distraction - and for this reason organisations within both the private and public sector, must ensure that their IT security infrastructure and processes are up to speed and fully prepared for an attack to strike at any time.
Whether due to complacency or naivety, the vast majority of organisations have failed to adapt these security processes and procedures to reflect the changing threat landscape. Today’s attacks are carried out by groups, rather than individuals; and many are now designed to steal valuable data – and leave no trace. And these organisations are patient. This complacency must be addressed and organisations need to start embracing a higher level of best practice in security processes and procedures.
Organisations need a completely infallible way of detecting the presence of malware if and when it does manage to bypass security defences. The back stop to traditional defences ideally needs to be a real time alert triggered by any change to file structure that might indicate compromise or the beginning of the slow move towards the central core of the business. File Integrity Monitoring (FIM) is proven to radically reduce the risk of security breaches by raising an alert related to any change in underlying, core file systems, to ensure there is no risk of stealth attacks.
It is imperative that organisations safeguard their data – from customer records to intellectual property – against organisations with phenomenal reach and expertise, as well as a willingness to play the waiting game. The risks have changed. The threat is stealthy and targeted. Organisations in all sectors must be armed with the right defences to ensure that security is part of everyday business operations.
Mark Kedgley, CTO, NNT