From: Press Release
While the spotlight often falls on cyber attacks targeting the energy and financial sectors, small and medium-sized business are under assault too. The founder and CEO of Global Digital Forensics sheds some light on the realities of the cyber battleground everyone shares, and stresses the importance of regular cyber threat assessments in the constantly evolving world of cyber threats.
Late last month, the Council on Foreign Relations (CFR) published a report which revealed the US energy sector suffered more targeted malware attacks than any other industry for a full 6 month span. Last month also saw Microsoft and the FBI coordinating with officials in over 80 countries to free over 3 million PCs from the Citadel botnet which was used to steal over half a billion dollars from financial institutions around the world, with US financial institutions topping the list as being the most highly targeted. Joe Caruso, founder and CEO/CTO of Global Digital Forensics, took some time to discuss how other businesses and industries can be leveraged to assist in attacks on critical infrastructure targets, and the importance of regular cyber threat assessments and network penetration testing.
Close friends can get enemies closer too.
“When it comes to cyber warfare, you can always find energy and financial targets hovering around the top of any list of most sought after targets,” said Caruso, “but what many people don’t realize is that even businesses in industries nowhere close to those can also prove instrumental to cyber attackers in successfully targeting critical infrastructure sectors by providing a less scrutinized gateway to deliver malicious payloads and ply their sinister trade. Vendors, associates, clients and even investors are typically considered friendly, so emails, software applications, support assistance and/or any other form of digital connection or communications, can crack open the door for cyber attackers to squeak right in if cyber intruders have gained access to those friends’ networks. For instance, it would only take one cleverly crafted spear phishing email to introduce a malicious Trojan, and if they can personalize it effectively by leveraging insider information they gleaned from the compromised network of one of those trusted entities and make it look like it is coming straight from them by using spoofed email headers, the chances of a malicious link being followed, or an infected attachment being opened are exponentially increased.”
A wolf in application’s clothing?
“Or imagine a software application vendor getting hacked and a malicious payload or backdoor is built right into the application you purchase and use from this trusted source you’ve been doing business with for years. It happens all the time, because application programmers and developers usually have blinders on, focusing primarily on what they should be focusing on – functionality and all the bells and whistles that will help them sell those applications that make your digital life easier and more effective. But they are usually not cyber security professionals, that job is left to others, like us. We are called on all the time to put applications through the ringer to ensure they are clean and safe. And let me tell you, the shock level I see on client’s faces when we find a problem with an application they’ve been wholeheartedly trusting, is usually at least an eleven on a scale of one to ten.”
Keys to surviving the constantly evolving cyber-threat landscape
“First and foremost, cover the basics. That alone will stop over 90% of all cyber attacks, data breaches and intrusions. But, just like medications, what works great for one person or group may not be the right prescription for another. That’s why regularly performed cyber threat assessments are so important. When we are called in to improve an organization’s cyber security posture, we start with a thorough cyber threat assessment. That means we look at the entire digital infrastructure and how it fits in to an organization’s daily operations, needs and objectives. Are personal devices like smartphones and tablets part of the equation? Is remote access from home by employees a concern that should be on the table? And so on. Then we review all of the policies and procedures in place relating to cyber security, identify the weaknesses and help improve them. If no policy or procedure guidelines exist, we help craft them. If regulatory compliance is part of the picture, we focus on that too. The next step is comprehensive penetration testing, where we take on the role of real-world hackers to infiltrate the client’s network using the same tradecraft real-world hackers would use to compromise a network, from social engineering techniques like phishing and spear phishing campaigns, to brute force attacks and any other targets of opportunity. We’ve never failed to compromise our target during this phase, and that success only serves to make our clients stronger against all comers, as well as raising cyber security awareness every step of the way. And since threats are constantly evolving, doing both of these regularly is crucial, because what worked last year may not be the best approach today.”
While perfect protection against every conceivable cyber threat out there is simply not achievable without totally disconnecting from the digital world, great protection is definitely attainable with the right cyber security professionals in your corner, and it doesn’t have to prove prohibitive from the time or cost perspective. Let GDF put you on the right path today, and once at least 90%+ protection is achieved and implemented, GDF can help shift focus to any other advanced threats a client has, or is likely to face.
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit http://www.evestigate.com.
Leave a Reply