Cyberattack: The Need To Know Beyond Intention

by CXOtoday News Desk    Jan 12, 2016

cyberthreat

With claims of 602Gbps, the recent DDoS attack on BBC websites, if proved, will be the biggest attack on record. While the extent of attack is huge, the kind of attack is anything but new. However, it has tilted the attention to the question as to what the victims must do in terms of understanding the attack as well as the attacker.

Apparently, the anti-IS organisation New World Hacking which has allegedly owned the responsibility for the BBC attack, wanted to see what sort of “actual server power” they had at their disposal.

The reasons for attacks may be as trivial as this to just fun to financial gains, hence the need for companies to be prepared.

Intel Security in its predictions for 2016, stated that cybercriminals could seek to exploit weak or ignored corporate security policies established to protect cloud services. 

It also states that in 2016 security researchers would continue to focus on potential exploit scenarios for connected automobile systems lacking foundational security capabilities or failing to meet best practice security policies.

As businesses are often busy with their business and don’t have time to go after the cyber criminals, it is only advised that they think like one. 

It means, organisations need to identify what are their core assets that could be the potential targets of attacks and work towards protecting them.

“After asking what they were after, the next question on a cyber attack victim’s mind usually has to do with who the hacker was. Again, this is an understandable concern but it doesn’t really get the victim far in terms of future safety,” says writer Noah Gamer in a blogpost. 

Trend Micro Senior Threat Researcher Kyle Wilhoit says that instead of identifying the attacker, the victims must focus on recognising the potential of the hacker. “Did the hacker utilize script he could have easily found on the Internet, or did he use custom-made malware designed specifically for this attack? While these types of questions don’t bring the cyber criminal any closer to justice, they do allow the victim to prepare themselves for future attacks,” he says.

The requirement for cybersecurity framework depends on the business, its reach, its vertical, targets and so on. There is no one fit-all policy.

“When an organization is up against targeted attacks from well funded groups, prevention can be very difficult. Attackers can always find ways to bypass the preventive controls. The need therefore is to complement with strong and pervasive security monitoring with tools, skills and incident management processes,” says Rajat Mohanty, CEO & Co-Founder, Paladion Networks. 

In India, according to a KPMG study in 2015, 72% of Indian companies experienced cyber-attacks this year.  

Amit Yoran, President, RSA, The Security Division of EMC explains, “What was considered an “advanced” threat in years past has become a commodity today, with sophisticated malware and exploits available for the price of a movie ticket.”

While finding the attacker may not help much in preventing future attacks, the businesses must essentially focus on securing their data and assets, and be ready to tackle any loss when attacked.