2014 was the “Year of the Breach” they say with the usual credit card breaches: Home Depot, Target and more…
The clincher was the ultimate attack with Sony corp that brought the network down completely. It was an unusual attack, since the attackers actually stole data and then deleted it. Thus the network became unusable. the Sony attack was more insidious and methodical. The attackers are suspected to be part of the 3000+ cyber hacker division of the North Korean army.
The FBI attributes the attack to North Korea, although some cyber specialists(Bruce Schneier) think it was an inside job because the event was too methodical and the hackers seemed to have too much knowledge of he inside network.
If it takes over 200 days to find out if there is a breach on average… Dark Reading article explains how about a breach where the attackers are plentiful with state-sponsored attacks? I saw the movie “The Interview” and I am an immigrant myself, so I understand the potential linguistic and cultural misunderstanding that can happen. I would not put the attack out of bounds of North Korean militaristic methods (attack and destroy) instead of the usual criminal (steal money and resources).
The attack proved beyond a shadow of a doubt what can happen with a determined attacker against weak defenses (as has been reported Sony had previous breaches and a porous defense).
So is this you(from Dark reading article):
” One security leader, Mike Parrella, director of operations for managed services at Verdasys, was more blunt about why he believes organizations have not worked to improve visibility on their networks.
‘The main reason is because businesses and government alike are filled with idiots and ostriches,” he says. “People are simply not looking for a leak — they would rather not look, not be bothered, not spend to solve the problem, and so they are not finding. They prefer to outrun their risk.’ “
There is at least a misunderstanding of what is going on the Internet by the Public at large versus the cyber security professionals who are at the front lines and see the attacks.
The cyber security professional sees the attacks coming, keeps up on the latest vulnerabilities, knows how easy it is to break into a misconfigured machine. All it takes is one mistake. That is why one sets up testing of your network and website environments.
There can be no mistakes.
The executive sees cyber security as a must do, a line item of costs, almost like an annoyance. A “risk management” philosophy where there are small mistakes and large mistakes, where the mistakes are measured. But that is not how criminals see this environment:
http://bcove.me/vchfpcni Is the link to the FBI agent who discusses the Russian Organized crime rings fromthe early 90’s.
The Russians and other criminals see us as Fish in a barrel, they put their hands in the barrel and “fish”. I.e. it is easy and plentiful. They consider it their patriotic duty to attack and steal money from us.
I believe the risk management philosophy has not fared well in this higher risk environment since we could allow some mistakes before, but any mistake will cause a breach now.
These are the guys who you hope to allow a couple of mistakes.
Contact Us to review your options so you can improve cyber security and find any mistakes.