Ashley Madison, Anthem, CareFirst and the US Office of Personnel Management (OPM) are the prominent cyberattacks that happened this year. The cyberattack on the OPM revealed unauthorised access to data covering four million government employees. It followed two comparable attacks on the US insurer Anthem (80 million customers) and CareFirst (1.1 million). The most recent high-profile hacking of sensitive customer information was from the adultery site AshleyMadison.com (32 million user data). Unfortunately, the attacks on these organisations are only the tip of the iceberg. What companies fail to see is that security breaches don’t happen overnight and need to up their security approach in the digital world.
How important is data?
In all these cases, attackers accessed databases and copied millions of personal data such as addresses, email IDs, income details, credit-card information, and so on. Such data is strategically valuable and likes of credit-card details is sold on the black market and further used for other targeted attacks in the future.
Cyberthreats are backed by factors such as increasing mobile and web usage and social media, among others. Employees getting their own devices to the workplace is also another contributing factor. The hack, points to the fact that IT security architecture of those organisations were not as sophisticated and easily vulnerable to organised attacks.
It needs to be noted that millions of data cannot be stolen overnight. Attackers access an organisation’s network over several months. First, they search for ways to access the relevant data, which is often protected by multiple security mechanisms. Second, they copy data as secretively as possible, in small amounts and over a long period.
It is interesting to note that hackers were able to crack more than 11 million Ashley Madison passwords without much effort. This happened because the site’s password protection had serious programming flaws that resulted in more than a third of the passwords being poorly protected. Also, it turned out that lots of users were using common passwords that could be easily guessed. A lack of security awareness among employees is the main reason for majority of the attacks as attackers use social engineering techniques to trick employees into giving out confidential information.
More than one solution
Taking this into consideration, every organisation is looking for a robust security solution but these days the traditional security mechanisms like antivirus, firewalls or network monitoring software are not always 100 per cent effective and may not alert whenever there is a hacking attempt. What is needed is a proactive security strategy.
This does not mean that conventional security mechanisms become obsolete. Firewalls, antivirus and other tools fulfil their respective tasks. However, they need to be accompanied by effective mechanisms that monitor and provide real-time analytics of the IT infrastructure for a more scalable security approach.
In addition, an in-house IT security team spends most of its time responding to incidents and taking preventative measures to stop them reoccurring proving to be more expensive in the long run.
Today, managed security services seem a more logical solution that is rapidly gaining traction to guard against persistent and advanced threats. As cyberthreats grow with a vengeance, effective protection can only be achieved if results of security monitoring tools are constantly analyzed by experts so that they are properly configured and adapted to any changes in the environment.
— The writer is General Manager at RadarServices Middle East
