Cyber attacks occur with increasing speed and sophistication. Advanced persistent threats (APTs) that are tailored to infiltrate a network and target specific information are a reality, and are only going to become more pervasive.
In today’s world of the Internet of Things (IoT) where all devices connect to the Web and to each other, breaches are a matter of ‘when’, not ‘if’. A hacker who is determined enough will eventually find a way in, via a vulnerability in the network perimeter, stolen login credentials, a zero-day exploit, or by employing spear-phishing techniques.
Robert Brown, CEO of DRS, a Cognisec company, says today’s security solutions and tools are mostly defensive. “In this way, the tools on the market today are designed to identify and fix issues once they are at the network perimeter, or sometimes only once the perimeter has been breached. Depending on after-the-fact solutions to defend your networks and your most sensitive data is a case of closing the stable door once the horse has bolted.”
He says any security issues need to be pinpointed before they have had the opportunity to do damage. “This is why we need proactive intelligence gathering capabilities, and advanced solutions, that allow companies to keep sight of malicious campaigns or development activities, allowing for a pre-emptive strike so they may be ready for, and able to stop, many threats before they are able to claim their malicious payload.”
Brown says detection and prevention capabilities still have their place, but are not adequate when it comes to dealing with APTs that are too stealthy and sophisticated. “The risks of these threats are simply too great.”
He says there are tools available that help prevent APTs from gaining a foothold in the network. “Tools that filter email content for example. This would include Sender ID or Sender Policy Framework (SPF) that can be utilised to root out any spoofed emails. Email content can also be examined for any of the expected phishing signs, and for links and attachments, which can be isolated and analysed to uncover any malicious activity.”
Application white-listing is another useful solution, as it prevents users from running unauthorised software, including executables and scripts attached in emails. It can also be used to limit the types of attachments that are allowed, excluding any executable attachments for example. “This is not a silver bullet though. The most cunning threat actors have found ways to slip through these nets, for example, by sending a spreadsheet containing a malicious macro, or ones that take advantage of flaws in popular software,” Brown says.
Tools are not the only ways to prevent APTs, he adds. “I cannot stress enough how educating employees about social engineering and phishing is vital to their prevention. Make sure employees know not to click on links, open attachments or download files from untrusted sources. This includes opening emails from people they don’t know, and suspicious mails from people they appear to know. Also, advise against shopping on unsecured Web sites. The majority of incidents and compromises are a result of ignorance, oversight and thoughtlessness, and can be avoided with a little common sense.”
By using these and other tools available, organisations can lessen the attack surface and make it increasingly difficult for attackers to accomplish their ends. However, any hacker who wants to get in badly enough, will eventually succeed. “Making your business a less attractive target by making it more expensive and time consuming to breach is key; it might make them look for lower hanging fruit,” Brown concludes.
Behind the scenes:
Dynamic Recovery Services (DRS) is an ICT services and solutions provider specialising in providing innovation and agility in information security, IT risk management and IT governance. The company provides security services with a portfolio that satisfies customer needs, from the creation of security strategy to the daily operation of point security products – www.drs.co.za
Cognosec is an IT security company engaged worldwide, operating in a multitude of industries including banking, finance, government, healthcare, retail, manufacturing and hospitality. Cognosec’s extensive experience in security, governance, risk and compliance services allows the company to offer the best in payment, communications, network, and e-commerce security – www.cognosec.com
- Perhaps its time to join the Circus | #Business | #Entrepreneur | Bjorn Salsone | ZipZap Circus | #Podcast - October 4, 2022
- The power of that SUBSCRIBE button | #Business | #Marketing | #e-commerce | Kevin Britz | Craig Page-Lee | Lunchtime Marketing | #Podcast - September 29, 2022
- Porn, parents, children and social workers burning out | #Insights | #Society | Ingrid von Stein | Edith Kriel | Jelly Beanz | #Podcast - September 28, 2022
- Desperation and hopelessness is surrounding us in business | #Insights | #Business | #LunchtimeCoaching | Kevin Britz | Leoni Coetzee | #Podcast - September 28, 2022
- Why paying your tax as a small business owner is so important | #Insights | #Tax | #WordOfMouth | Lindi Tshabangu | Tusani Mnyandu | Mazars - September 26, 2022
- Retailers are looking at smart solutions to South Africa’s power crisis with electricity costs likely to double over five years | #Insight | Steven Heilbron | Capital Connect - September 26, 2022
- News of the Week | #News | #News Updates | Kuhle Tshabalala | #Podcast - September 23, 2022
- HUMILITY IS NOT THINKING LESS OF YOURSELF, IT’S THINKING OF YOURSELF LESS! | #Business | #Leadership | Kevin Britz | Meenakshhi Iyer | NorthStar Solutions - September 23, 2022
- Lana Marais appointed as Regional Director for emerging markets, dentsu Africa | #Wires | #Media | #Marketing | #Branding - September 21, 2022
- Self Promotion in leadership | #BusinessCoaching | #Business | Kevin Britz | Meenakshhi Ayer | Northstar Solutions | #Podcast - September 21, 2022