Cyber Terrorism – A Clear and Present Danger
What is Cyber Terrorism? Attacks on a website? Maybe. Maybe not. While people have varying definitions of terrorism, all can agree that when attacks are targeted at SCADA, the oil and gas industry, medical devices – or anything that deals with life or death – it brings the word terrorism into the conversation.
Cyber attacks are inevitable, and security teams are challenged to defend against everything. A best practice is to identify the attacks and determine what they really mean to your business – what the bad actors are really after – in order to develop a response strategy.
Should the purpose or nature of the attacks be unclear, it is generally agreed that security executives should respond with the due care that would give them a comfort level when reporting to executives, regulators, shareholders and customers that they adequately defended against threats about which little was known.
Security executives are also concerned about Hack-Attack Threats. Because the battleground has moved beyond the network to the application level, secure coding is critical. Because secure coding is fairly difficult, the question becomes, “How much is enough?” A rough rule of thumb is that “if you are still getting defeated, then you haven’t done enough.” At the end of the day, if an organization has been singled out as a target, and the adversary is significant, then preventing attacks is going to be difficult. Security teams can try switching mitigation strategies and tactics to provide a complicated attack surface, and then react quickly once attacks are identified.
Denial of Service attacks are getting a lot of attention. Many times, these denial of service attacks are pre-announced. Security executives are finding that anonymous groups are making many announcements of attacks, but rarely follow through with the attack. Regardless of whether the attack happens, security teams must be on high alert and prepared just in case. Security intelligence is critical in defending against such attacks. Many organizations are buying DoS services from their cloud hosting providers, but are not sure if they are adding any value yet.
When presented with the choice of having only three controls – one each for technology, people and process – top choices are education for people, risk management beyond the security team for process, and identity management and white listing for technology.