Insights: Security News

What we can learn from the ABC’s Four Corners program on Cyber War

The ABC’s recent Four Corners program ‘Cyber War: How hackers are threatening everything from your bank account to the nation’s secrets.[1]’ is a must-see for anyone using technology today. This well-researched and easily consumable report provides insight into a global economic, social and political issue that affects us all.

One story particularly stands out for me because it is so alarming: the example of NewSat and their IT manager. On investigation, they found that the breach had gone undetected for more than two years, potentially exposing designs, financial data and other sensitive information to the organisation or government behind the breach. One comment, in particular, gave me pause: “With the more specialised security tools that we had we were able to determine the location of the attacks and the majority of them were coming from China.”

All the technology, but no insight

This is what our team come across every time we talk to a potential customer. Most organisations have invested significant amounts in security technologies (e.g. firewalls, intrusion protection systems, web gateways, antivirus etc.) and I suspect NewSat was no different. Almost certainly, when NewSat was breached, one or more of their technologies logged information, which, if analysed, would have indicated the breach. So why weren’t they aware?

Finding the needle in the haystack

The reason is all too common. Existing security devices are logging vast amounts of valuable information. To give this context, an average-sized organisation will log around 1500 or more events per second. Yet, in most organisations, these logs are just stored away and only reviewed after an incident has been detected. By that point, ransomware has already encrypted valuable files or data has already been copied and publicly released, which is too late, of course!

So, what are your options?

By actively monitoring event logs, Threat Intelligence services detect attacks at the time they are attempted and provide the necessary assistance to prevent significant impact. The message for any organisation is to ask if your IT team has the ability to make the most out of the security infrastructure in place and to actively monitor and analyse all of the data your devices produce. If not, then perhaps it is time to talk about how you can maximise the protection afforded by your existing security investment.

[1] http://www.abc.net.au/4corners/stories/2016/08/29/4526527.htm
