New York, NY (PRWEB) May 14, 2013
May is not even half over and already there have been some massive cyber attacks making headlines this month, with two being especially frightening. First up was a three-year long cyber intrusion that compromised massive amounts of data from a military defense contractor, QinetiQ North America. They only have their fingers in areas like satellites, drones, robotics, military software and other high-tech gadgets the US military depends on to maintain dominance. The second involved two intricately orchestrated and sophisticated attacks involving the banking sector and ATMs that netted $ 45 million in cash in roughly ten hours, carried out with precision coordination that spanned over two dozen countries. Joe Caruso, CEO/CTO of Global Digital Forensics (GDF), took some time to discuss the implications of such breaches and the importance for any organization to keep their cyber security posture current.
A very big deal
If there are two industries that raise the hair on my arm when I think about them getting breached by cyber attackers, its military defense and the financial sector. When nefarious players manage to take control of these types of digital assets, it doesn’t just have the potential to topple a company, it could topple a nation, and more.
Not with a bang, but a whimper
Hackers had access to QinetiQs data on and off for three years. Think about that. Their experts said the intruders had access to virtually everything over the longevity of the attack. So basically, the secrets to all this cutting-edge technology our nation depends on for security and stability, whether already deployed or still in the developmental phase, has been compromised, which means potential enemies now have the recipe and all the ingredients they need to make Kryptonite. And if that happens, the shock-and-awe of our next military engagement may quickly turn into shock and awe on our part when our superior technology is neutralized right out of the gate.
Out of control
As far as the $ 45 million cyber heist goes, the most disturbing thing to me is not that they executed the plan with such precision, or had access to live account credentials with substantial funds, or even that they had boots on the ground around the world to collect the actual cash, thats all been done to some degree for years. What got my attention is that they were able to manipulate internal controls that reset limits and other protection features. And thats a very big deal. Like Rothschild said, Give me control of a nation’s money and I care not who makes it’s laws. So I think its pretty self-evident that constant vigilance on the cyber security front is not a luxury, its a paramount responsibility for every organization doing business online or relying on digital assets with value to cyber attackers, and that includes just about everybody these days. Because even a small business can be a springboard for attackers to gain access to larger organizations through their vendor and/or client connectivity with them.
Understanding todays cyber threat landscape is crucial
With every organization having its own unique footprint in the digital world, its only logical that the cyber threat landscape each faces is unique as well. Our cyber threat assessments are designed to take out the guesswork about what kind of threats should be on an organizations radar, and uncover areas of weakness regarding cyber security policies and procedures as they relate to an organizations digital architecture. So, for instance, if they have a BYOD (Bring Your Own Device) policy in effect, the threats that can come from the mobile side of the house, like smartphones and tablets, must be scrutinized, as well as the cross platform relationships and interactions with the ESI (Electronically Stored Information) that can be accessed. And its important to do this regularly, because as threats evolve, and they always do, what was effective yesterday may have serious deficiencies today.
Simulating real world attackers
Another component which is very effective at uncovering weakness in cyber defense is penetration testing. We take on the role of real-world attackers and launch attacks using the same tradecraft and tenacity todays cyber intruders use. From phishing and spear phishing campaigns, to all sorts of social engineering tricks to breach physical levels of security, like air-gaps used when segmenting critical internal systems from more vulnerable outward-facing networks, we will attempt to gain access to credentials, systems and data and/or attempt to deliver GDF infected payloads, which thus far we have never failed to do. Its an eye-opening experience which has a long lasting effect as far as keeping cyber security on everyones mind. Once an employee, manager or executive can be called out as a weak link, its something that isnt easily forgotten. Once all the results are in and analyzed, we can work hand in hand with an organization to start closing the holes and stopping the relevant threats.
Breach Response and Remediation
The ramifications of a successful cyber assault don’t end with the intrusion, regulatory compliance agencies are also waiting their turn to add insult to injury. With stricter regulation and pursuit through Sarbanes-Oxley (SOX), HIPPA, PCI, GLB and other legislation, it is imperative that organizations have a cyber emergency incident response plan in place. GDF and its global network of Emergency Response Teams (ERTs) can be on site in matter of hours to isolate, secure and investigate security breaches. We are very good at helping organizations put out the fires that can come from even a single successful cyber intrusion, including the hits that trust and credibility can take from a client, vendor and investor perspective.
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so dont hesitate to get help. For more information, visit http://www.evestigate.com.