Kapil Awasthi, Senior Security Consultant, System Engineering Group, Check Point Software India, said, “It took the 26/11 attack on Mumbai for the importance of security to register.” He tackled the questions of how an organization could combat advanced targeted attacks, why an organization gets attacked, the motivations of the attackers, etc.
2011 was a year of financial attacks worldwide. Hacktivism, state-sponsored attacks and financial gain are some of the most talked about trends right now. E.g. A Bangladeshi group claims to have hacked 20,000 Web sites. Another instance was of Mitsubishi’s site, which was breached in Japan.
There are different types of attacks—targeted, volumetric, social engineering, low and slow etc. Most attacks happen due to human and not because of technological vulnerabilities. A volumetric attack can be done with network flooding, server flooding, application (Web/DNS connection-based attacks), low and slow attacks etc.
Then there’s the bot problem, which is big because it is outbound in nature. Here, the attack methods are through attachments, browser, rogue apps, media etc and there are tutorials online on this.
Organizations can end up being primary or secondary victims. In the latter instance, an organization’s resources are used to attack another. Simply adding technologies is not enough. He suggested, “We need to combine people, policy and processes. The most secure environment is the one where people are actively part of the security setup. Employees need to be educated, policies have to be adopted according to changing needs etc. The combat strategy should be around unknown threats and unknown vulnerabilities as these are the most dangerous.”
Awasthi concluded that “united we stand”. Expertise, particularly, incident response experts, research experts and incident response gear are required.