Tuesday, May 25, 2010

Guest Post - Ricky Peterson - Cyber Attacks

Ricky Peterson was a Spring Research Analyst at Fortalice® LLC and is a student at Immaculata University.

One big statistic is that three quarters of Asia Pacific enterprises, i.e. Japan, China, Singapore, have experienced cyber-attacks in the past 12 months. 

The average enterprise loses $2.8 million annually to cyber-attacks. 

In Symantec’s ‘State of the Enterprise Security Report’, out of 21,000 businesses surveyed, 42% listed cyber-attacks as their most significant risk. 

Nearly all of the companies surveyed said they were planning changes to their cyber security efforts in the 2010 year. 

Of all reported cyber-attacks in the past 12 months 41% said the attacks were somewhat to highly effective. 

One company stated that they were experiencing 8 to 9 attacks per week. 

An astounding 100% of the companies surveyed by Symantec said they had experienced cyber losses last year. 

The most common of those losses were theft of customer information, environment downtime, and theft of intellectual property. One of the reasons behind these attacks is that enterprise security is becoming more difficult. This is because of understaffing, job cuts, and problems with compliance issues. 

Compliance is a big problem now because most companies are trying to comply with 19 different IT standards. The number of standards actually employed by most is around 8. Another cause is new initiatives for IT such as Server virtualization, Endpoint virtualization, Software as a service, and Infrastructure as a service. Basically, cloud computing and virtualization are complicating the jobs of the security team, who are not receiving additional resources to offset the increased difficulty. Even though there is mass coverage of cyber-attacks in the media, the number of attacks is still on the rise. 

Two possible reasons for this are money, and the fact that cyber criminals are not intimidated. Budget is always a problem with IT. The complexity of  system security is on the rise due to new technology, but the security teams are not being properly equipped to deal with it. A lot of money is going in to research and funding for new technologies like cloud computing. This leaves little left over for the security half. So, even though corporations know threats are out there, they may not feel they have the funding to increase security. Another thought is that even if security is well funded, new threats are being created every day. In most cases, a threat such as a backdoor Trojan or a virus cannot be dealt with until it is created. This means there is a time gap from when the malware is released to when it is found and a fix is created. This gap, no matter how small, may be enough to destroy or steal data from hundreds if not thousands of systems.

      Another thought is that cyber crime is not like regular crime in that if someone robs a bank and their face is plastered all over the news, chances are they won’t be robbing anymore banks anytime soon. Cyber criminals however, are very hard to catch. There is almost never a face, or for that matter even a name to put with the crime. They may be on the other side of the world from the place they are attacking. Tracing them is difficult as they may run their connection through numerous proxy servers before reaching the place of attack. Laws from other countries also pose a problem when trying to catch these people. The criminal know all of this and are thus not afraid to continue attacks even with all of the media coverage. 

The outlook for 2010 is bleak at best. According to Symantec, cyber-attacks this year are going to be nastier, more targeted, and more frequent. It also appears that governments are getting involved in cybercrime. According to Popular Science, the recent attack on Google and 30 other US companies was traced back to the Chinese Government. The US is also lacking in cyber defense as the White House only recently named a cybersecurity coordinator. Beyond this information, most experts are reluctant to predict any hard numbers. 

How should businesses prepare themselves and fight back?

Companies should prioritize the ability to backup and recover data
Secure backup servers, offsite data storage
Organizations need to be aware of where sensitive information resides, who has access to it, and how it is coming in or leaving
These areas should receive higher priority when implementing security and information backup
IT policies need to be developed and enforced
How to treat sensitive information
Proper use of company network
Standardized system updates


PC WORLD-Asia Businesses Weather Regular Cyberattacks

By Ross O. Storey, MIS Asia 
Symantec’s ‘State of the Enterprise Security Report’ 

Popular Science-Chinese Attack on Google Among the Most Sophisticated Cyberattacks Ever, Experts Say By Jeremy Hsu 

No comments:

Post a Comment