The Evolving Landscape of the Cyber Battlefield

Recent attacks on the computer network at the New York Times highlight the diligence that some hackers show when they are determined to steal information. The attacks are said to stem from an investigative piece by NY Times reporters on business dealings that benefitted family members of China’s prime minister, Wen Jiabao. The intrusions showed a sophistication usually seen only in operations financed by nation-states. And while China denies the allegations, it has been protective of its leaders in the past.

In an unprecedented move, New York Times officials let the hackers keep their access to the network in order to study their movements and build better defenses against future intrusions of this kind. Even though the hackers were eventually removed, lessons were learned, especially about the part employees inadvertently play in cyber attacks against the company that they work for.

While the attacks were ongoing, the hackers were able to install over 45 pieces of malware, only one of which was detected by the Symantec virus protection installed on the network. The fact that the hackers were able to defeat the virus protection Symantec offered goes to show the increasing sophistication of such attacks. Ways to defeat such attacks include:

Employee Training: The best first defense is training office employees in proper Internet use while at the office or when using company-owned equipment.

Whitelisting: Although difficult to manage, whitelisting allows only pre-approved applications to run on company-owned laptops.

Sandboxing: Limits employees to using only the network resources that they need to complete their job.

Micro-Virtualization: Isolates laptops from business applications and sensitive data by running any risky tasks within a micro-virtualization environment.

Exploit Detection Technology: Makes it more difficult for hackers to take advantage of the vulnerabilities inherent in some software.

Conclusion

While the above methods will not stop a concerted effort by hackers to infiltrate a company’s network, they can go a long way toward stopping attacks by individuals without the resources of a nation-state to back their efforts. For bigger attacks, monitoring the network and reporting any anomalous events should help keep such attacks to a minimum, or stop them altogether.


For more information about preparing for cyber attacks, visit: http://www.csoonline.com/article/728083/lesson-learned-in-cyberattack-on-the-new-york-times