Cyber attacks occur with increasing speed and sophistication. Advanced persistent threats (APTs) that are tailored to infiltrate a network and target specific information are a reality, and are only going to become more pervasive.
In today’s world of the Internet of Things (IoT) where all devices connect to the Web and to each other, breaches are a matter of ‘when’, not ‘if’. A hacker who is determined enough will eventually find a way in, via a vulnerability in the network perimeter, stolen login credentials, a zero-day exploit, or by employing spear-phishing techniques.
Robert Brown, CEO of DRS, a Cognisec company, says today’s security solutions and tools are mostly defensive. “In this way, the tools on the market today are designed to identify and fix issues once they are at the network perimeter, or sometimes only once the perimeter has been breached. Depending on after-the-fact solutions to defend your networks and your most sensitive data is a case of closing the stable door once the horse has bolted.”
He says any security issues need to be pinpointed before they have had the opportunity to do damage. “This is why we need proactive intelligence gathering capabilities, and advanced solutions, that allow companies to keep sight of malicious campaigns or development activities, allowing for a pre-emptive strike so they may be ready for, and able to stop, many threats before they are able to claim their malicious payload.”
Brown says detection and prevention capabilities still have their place, but are not adequate when it comes to dealing with APTs that are too stealthy and sophisticated. “The risks of these threats are simply too great.”
He says there are tools available that help prevent APTs from gaining a foothold in the network. “Tools that filter email content for example. This would include Sender ID or Sender Policy Framework (SPF) that can be utilised to root out any spoofed emails. Email content can also be examined for any of the expected phishing signs, and for links and attachments, which can be isolated and analysed to uncover any malicious activity.”
Application white-listing is another useful solution, as it prevents users from running unauthorised software, including executables and scripts attached in emails. It can also be used to limit the types of attachments that are allowed, excluding any executable attachments for example. “This is not a silver bullet though. The most cunning threat actors have found ways to slip through these nets, for example, by sending a spreadsheet containing a malicious macro, or ones that take advantage of flaws in popular software,” Brown says.
Tools are not the only ways to prevent APTs, he adds. “I cannot stress enough how educating employees about social engineering and phishing is vital to their prevention. Make sure employees know not to click on links, open attachments or download files from untrusted sources. This includes opening emails from people they don’t know, and suspicious mails from people they appear to know. Also, advise against shopping on unsecured Web sites. The majority of incidents and compromises are a result of ignorance, oversight and thoughtlessness, and can be avoided with a little common sense.”
By using these and other tools available, organisations can lessen the attack surface and make it increasingly difficult for attackers to accomplish their ends. However, any hacker who wants to get in badly enough, will eventually succeed. “Making your business a less attractive target by making it more expensive and time consuming to breach is key; it might make them look for lower hanging fruit,” Brown concludes.
Behind the scenes:
Dynamic Recovery Services (DRS) is an ICT services and solutions provider specialising in providing innovation and agility in information security, IT risk management and IT governance. The company provides security services with a portfolio that satisfies customer needs, from the creation of security strategy to the daily operation of point security products – www.drs.co.za
Cognosec is an IT security company engaged worldwide, operating in a multitude of industries including banking, finance, government, healthcare, retail, manufacturing and hospitality. Cognosec’s extensive experience in security, governance, risk and compliance services allows the company to offer the best in payment, communications, network, and e-commerce security – www.cognosec.com
- Firstwatch announces 2021 initiative to support entrepreneurs | #Entrepreneurs | #PayItForward | #ebizradio - October 19, 2021
- See me, Understand me, Learn with me | #Insight | #Education | The Montessori model enters your home | Madeline Hoban | InHome Montessori - October 19, 2021
- Is your business ready for the new frontier of hybrid working | Business Brunch with Björn | #Entrepreneur | #Technology | Craig Johnson | NSN.CO.ZA - October 19, 2021
- Abundance is not what’s in your wallet | #Insight | #LunchtimeSeries | Kevin Britz | Naomi Basson | #Podcast | #ebizradio - October 18, 2021
- How important is Employer Branding to you and your business? | #Insight | #HR | Pabi Mogosetsi | UNIVERSUM | #Podcast | #ebizradio - October 18, 2021
- Motoring News | Diesel and Dust | Tumelo Maketekete | #Motoring | #ebizradio | #Podcast - October 15, 2021
- How is AI going to affect both Business and the Advertising landscapes? | #Marketing | #LunchtimeSeries | Kevin Britz | Craig Page-Lee | #ebizradio | #Podcast - October 15, 2021
- How do youth actually consume content? | #Entrepreneur | #WordOfMouth | Lindi Tshabangu | Khathutshelo Bapela | #Podcast | #ebizradio - October 14, 2021
- Since SA has have moved to level 1 lock-down, what effect is this having on the markets? | #Insights | #Trading | Zihad Israel | CMTrading | #ebizradio - October 14, 2021
- Behind the scenes with a Theater Producer | #BusinessBrunch | #Insight | Björn Salsone | Bernard Jay | #Pantomime | #Podcast #ebizradio - October 12, 2021