Lessons From the Scariest Security Threats
One of the scariest security threats, particularly for companies that have a lot to lose in terms of finance and data, is the Advanced Persistent Threat, or APT. The random hacking attempt is usually a hit-and-run because the perpetrators are scared of being traced and caught. APTs are far scarier: they are highly sophisticated cyber attacks that take a lot of time and careful planning on the hackers’ side, as they “settle in” on a network and mine sensitive corporate data for the long term.
By the time admins find out about an APT, it’s usually too late, as too much data has already been compromised. In a lot of cases, APTs are only discovered once the hackers have achieved their goal. Recent examples are the Target and Home Depot breaches, where the attacks were only discovered after the perpetrators had already stolen billions of pieces of sensitive customer data and caused a big enough PR nightmare to get CEOs and CIOs fired.
Do not listen to upstart security professionals who thumb their noses and label APTs as just a marketing buzzword. The APT is a dangerous (and financially ruinous) threat, as the examples above show. However, the silver lining is that there are lessons to be learned from all the attention APTs have been getting as of late. Here are a few:
You’re Always a Target
Many companies get hit by APTs easily because they think they’re not a target. They think they’re small, that there’s no money to be had in hacking them, that they’re not popular enough to be noticed, and that it’s simply not worth it for the hackers. But perpetrators of APTs don’t care. They know that all businesses strive for growth, and even small ones will “ripen” over time, so they watch out for new targets and get in early while the company still feels safe because it is “not worth the effort.” When the company grows and becomes large enough to warrant increased security, it’s already too late, as the attackers have already got in.
Security Threats Aren’t Always Technologically Advanced
When it comes to security, meticulousness is imperative and no detail, however small, should be ignored. The tendency for some security experts, particularly in massively important cases like APTs, is to assume that the perpetrators are highly organized and have access to the best tools and skills needed for an attack. That assumption sometimes makes the experts miss things right under their noses, like a disgruntled former employee who got elevated access after buddying up to a network administrator.
Prioritize Security Over Maintaining Operations
It’s not just APTs. All hackers love it when companies are so determined to maintain their operations that they won’t even entertain the idea of a few hours of business disruption for the sake of increased security. Such companies would rather leave a few things untouched as long as the risk seems low. One key example of this is password resets. It is important that all accounts in the network get their passwords reset regularly, but sometimes businesses choose to leave a few accounts untouched because changing them would disrupt operations (either because the account is used by an executive who doesn’t want to go through the trouble of remembering a new password, or because some automated workstations would need to be taken down in order to update their code for the new credentials). These unchanged passwords could make all the work on security worthless, as hackers will have the proverbial keys to the kingdom when they get their hands on them.
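The check below is an added example, not part of the original article: it reads an account inventory and lists every account whose password is older than the reset interval, including the executive and automation accounts that were deliberately skipped. The CSV column names, the 90-day interval and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample inventory (not real data): account, kind, date the
# password was last set, and whether it was exempted from the reset policy.
SAMPLE_INVENTORY = """account,kind,password_last_set,exempt_from_reset
jsmith,user,2014-11-20,no
ceo,executive,2012-03-01,yes
svc-kiosk01,automation,2011-06-15,yes
svc-backup,automation,2014-12-01,no
temp-admin,user,2013-01-10,no
"""

MAX_AGE_DAYS = 90  # assumed reset interval; the article does not name one


def audit_password_age(inventory_csv, today, max_age_days=MAX_AGE_DAYS):
    """Return stale accounts, oldest password first, with the reason for each."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        last_set = date.fromisoformat(row["password_last_set"])
        age = (today - last_set).days
        if age <= max_age_days:
            continue  # reset recently enough, nothing to report
        exempt = row["exempt_from_reset"].strip().lower() == "yes"
        findings.append({
            "account": row["account"],
            "kind": row["kind"],
            "age_days": age,
            # An exemption explains why the password is old; it does not
            # make the credential any less useful to an intruder.
            "reason": "exempted from reset" if exempt else "missed reset",
        })
    return sorted(findings, key=lambda f: f["age_days"], reverse=True)


if __name__ == "__main__":
    for f in audit_password_age(SAMPLE_INVENTORY, today=date(2015, 1, 2)):
        print(f"{f['account']:<12} {f['kind']:<11} "
              f"{f['age_days']:>5} days  {f['reason']}")
```

Exempted accounts are reported rather than filtered out, so the exceptions made to keep operations running stay visible in every review.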