We're losing the battle against state sponsored attacks
by Philip Lieberman - President of Lieberman Software - Monday, 8 April 2013.
In my daily interaction with Government bodies, Police and other public sector authorities, we are seeing a huge rise in attacks which are state sponsored and targeted at the Critical National Infrastructure. The real fight isnít from stopping them getting in, itís actually about how far within your organization you can stop them reaching.

Todayís attacks are crafted on a per-user basis on a mass scale designed to regularly compromise some subset of the systems within an organization. The objective of the attacks are to gain access to the internal network with a set of valid credentials (the higher privileged the better), and then try to jump around from machine to machine gathering more and more credentials and access.

To counter these attacks some of our customers, who are under active 7/24 attack have begun to rotate all passwords every 8 to 24 hours. This has created a nasty problem for attackers: not only are they limited to only one compromised system, but even this access is terminated automatically.

It appears that the attackers have a good understanding of common weaknesses focusing on default passwords, blank passwords, common passwords, shared passwords, and the use of publicly publishing password spreadsheets on shares.

The point to be made is simple: there is little to no real security found in the commercial tools for anti-virus and anti-malware from the major software providers and the continued purchase of these products is a waste of money and time when the foe is more than a petty criminal.

The next major threat will come from a nation state taking aim at our critical national infrastructure and knocking out resources essential to life. This will be an easy target since many of the utilities have little interest or appreciation for security. Their systems have been fully characterized by hostile powers external to the United States and will eventually be turned off and/or damaged when the time is right.

The intelligence agencies have been warning Congress and the Senate about these problems as well as the utilities themselves. Unfortunately, someone, or a lot of someones, will need to be harmed to get these providers to change their ways.

Spotlight

The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //