Massive cyberattacks, difficult configurations? What to do from here? All I have is some data that is unusable to the hackers – what is important about our stuff?
We are inundated with cyberattacks in the news and more terrorist attacks (beheadings, shootings, death etc.).
We must intend to protect our assets to the best of our ability and, when necessary, bring other people into our environment, because “best of ability” is not good enough. You must make the decisions to create a better environment – period.
There are ways to protect your network beyond what is happening today. If you do not operate your network as if the attacker is already in it, you are thinking wishfully – Pollyanna comes to mind.
The reason we must assume the attacker is already in the network is that malware is very easy to obtain. Even when everything is done correctly, all it takes is one misstep, one incorrect click on the Internet. Sometimes the malware will download from within the hidden programming code on a web page, and by hidden I mean the code that one does not “see” when going to the webpage.
It is easy to do, as there is a lot of HTML and other scripting code in a website that is hidden and runs as the site is rendered on your desktop. Why do you think malware is so prevalent?
There are hundreds of potential vulnerabilities.
https://www.us-cert.gov/ is one of the places you have to check for constant changes in your IT environment.
Now there is malware that can hack your hard drive and reformatting can’t fix the problem.
Network World has a story that discusses the Kaspersky report.
That story misses a big point: there are always ways to find out what your computers are doing. Even if the NSA has a listening device on all your computers, you can find out. You may not be able to erase the special EquationAPT off your hard drive, but whenever it wants to talk to the NSA you can find out,
but only if you have an IPS/IDS system that is properly staffed and configured.
http://oversitesentry.com/2-steps-stops-all-cyberattacks/
It does not do the NSA or criminal hackers any good to just hack your computer.
Communication with your computer is the game, and that is where we can find and stop the traffic.
Here is an image from Cisco
Notice the segments that say IPS and IDS. You can set up environments where you _can_ tell everything that is going on in the network. We do have to configure the system, and we are reliant upon the IPS/IDS system manufacturer for removing malware, just like we are reliant on the anti-virus software on our desktops to prevent viruses.
We can prevent the NSA from talking to their malware, just like we can prevent the criminal hackers from talking to their malware.
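To make the point about catching malware when it communicates concrete, here is an added example (not from the original post or from any IPS/IDS vendor) of one check a monitoring system can run: flagging internal hosts that contact an unapproved destination at regular intervals. The flow records, addresses, allowlist and thresholds are constructed assumptions for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records: (epoch_seconds, internal_src, external_dst, dst_port).
# Addresses use documentation ranges (RFC 5737); none come from the original post.
SAMPLE_FLOWS = (
    [(1000 + 300 * i + j, "10.0.0.15", "203.0.113.50", 443)
     for i, j in enumerate([0, 2, -1, 3, 0, 1])]          # ~5 minute check-ins
    + [(t, "10.0.0.15", "198.51.100.7", 443)
       for t in (1010, 1025, 1900, 2300, 2310, 4000)]     # irregular browsing
    + [(1000 + 60 * i, "10.0.0.22", "192.0.2.10", 123)
       for i in range(20)]                                # NTP, approved below
)

# Hypothetical allowlist of destinations the site has approved.
APPROVED_DESTINATIONS = {"192.0.2.10"}


def find_beacons(flows, approved, min_events=5, max_cv=0.1):
    """Return (src, dst, mean_interval_s) for regular outbound check-ins.

    A pair is flagged when the destination is not approved, there are at
    least min_events connections, and the gaps between them vary little
    (coefficient of variation <= max_cv).
    """
    times = defaultdict(list)
    for ts, src, dst, _port in flows:
        if dst not in approved:
            times[(src, dst)].append(ts)

    findings = []
    for (src, dst), stamps in sorted(times.items()):
        if len(stamps) < min_events:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            findings.append((src, dst, round(avg)))
    return findings


if __name__ == "__main__":
    for src, dst, interval in find_beacons(SAMPLE_FLOWS, APPROVED_DESTINATIONS):
        print(f"ALERT {src} -> {dst} every ~{interval}s")
```

Regular software updaters and time sync produce the same pattern, which is why the allowlist has to be maintained by staff who know the environment.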
Contact us if you don't have an idea how to do it.