Guarding your Data against Cyber Attacks
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” – Sun Tzu, The Art of War
There was a time not so long ago when the word “hacking” conjured up the image of a fifteen-year-old writing viruses that presented a message like “You’ve been hacked by badboy45”. If the individual was particularly malicious, they might go so far as to reformat your C drive. While extremely inconvenient, acts such as this merely reinforced the case for performing regularly scheduled backups. It is only in the recent past that organizations have taken to the systematic targeting of business and governmental agencies in order to carry out highly nefarious deeds – with devastating success.
The recent Sony Pictures hacking incident marked a new era in cyber-terrorism in that it proved that a terrorist organization could intimidate North America from afar. Prime Minister of Canada Stephen Harper summed up the situation when he warned that the “international jihadist movement has declared war on Canada and its allies.” So far this particular “war” has consisted of traditional violent acts, but can cyber-warfare be far off?
In this new era of heightened stakes comes an increased need for a comprehensive security strategy. Let’s take a look at how cyber-threats have evolved and what you can do to thwart attackers.
Cyber-terrorism vs. Traditional Hacking
Both individual hackers and organizations share similar goals, which are to steal, alter, or even destroy data on the target server or network by exploiting vulnerabilities in the system. But that’s where the similarities end. Professional hackers are often politically motivated to carry out their attacks to their repugnant conclusion, barring failure due to a well-guarded system. Cyber-terrorists are just as apt to target civilian interests and civilian installations as military or political ones. Whereas the goal of terrorism used to be to inflict the greatest number of casualties, focus has now shifted to simply creating the most terror via the orchestration of high-profile incidents.
The Battle Plan
In my “How Safe is Cloud Storage?” article, I described encryption as being an essential component of any data security and management strategy. In the context of cyber-terrorism, it’s still your best defence against prying eyes.
At the end of November 2014, a group of highly skilled cyber criminals were able to gain access to Sony’s computer systems, paralyze their operations, and tap into sensitive internal emails. The hackers then leaked the correspondence, which, while not intrinsically valuable, included top employees’ salaries, hardball Hollywood negotiations, and digital versions of unreleased films. In the summer of that same year, a scandal erupted when an unknown hacker or hackers were able to retrieve a number of female celebrities’ private photos from their iPhones. The theft became world-wide news when the thief/thieves posted the images on the controversial 4chan website. Apple’s iCloud service was blamed for the security breach, despite Apple’s denial of responsibility. For reference, iCloud accounts are designed to allow iPhone, iPad, and Mac users to synchronize data between devices, but the service has been criticized by some for being unreliable and confusing. Perhaps the most troubling part about the scandal is that many of the stolen images were thought to have been long since deleted!
In both cases, encryption of the data at the disk level would have almost certainly thwarted the hacker’s or hackers’ efforts.
Employ Anti-malware and Anti-virus Software
Once an intruder gains access to your network servers, they can log in and infect that server as well as connected computers with malicious spyware or viruses. Spyware, which sends raw data to the hackers over the network connection, is an especially dangerous threat because it may be able to circumvent end-to-end network encryption.
Besides being able to neutralize potential malware and virus software, some security software actively tries to deceive intruders by sending them on wild goose chases with tempting – but falsified – information, bogging them down with misinformation until they give up, or slowing their own machines down to a crawl. This countermeasure has become known as “reverse-hacking”.
It’s all too easy to let your security software do its thing and forget about it, but you can’t forget about all of your employees. If you don’t train them and impress on them the importance of being vigilant, it’s akin to installing bars on all your windows, but leaving the front door unlocked.
Should an unsuspecting employee click on an email attachment from a nefarious source, your company’s infrastructure and data could be in deep trouble before you’re even alerted to the threat.
Most times, it isn’t feasible to limit emails to the company WAN. Therefore, you have to monitor incoming emails for embedded scripts and/or macros as well as scan attachments for viruses. You can also install software to block certain websites, such as those that cater to gaming, pornography, gambling, certain forums, file sharing, and other dubious content.
We’ve all heard the message that our passwords should not be dictionary words, should be at least 6 characters in length, and should have a mix of numbers, characters, and special characters, that you should change them every so often, and that you should not use the same password for everything. The problem is that most people don’t follow these guidelines out of sheer laziness and fear of forgetting passwords. I get it; I’ve forgotten many a password in my day.
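As an added illustration (not code from the original article), here is a minimal sketch of the inbound-mail check described above, using Python's standard email module. The extension list, the HTML heuristic, and the names screen_email and build_sample are assumptions made for this example; the sample messages are constructed.

```python
import os
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Illustrative list (assumption): macro-enabled Office files and script/executable types.
RISKY_EXT = {".docm", ".xlsm", ".pptm", ".js", ".vbs", ".hta", ".exe", ".scr"}
# Heuristic for active content in HTML bodies; a real gateway would use a full HTML parser.
ACTIVE_HTML = re.compile(r"<\s*(script|iframe|object|embed)\b|javascript:", re.I)

def screen_email(raw: bytes) -> list:
    """Return reasons to quarantine a message; an empty list means it passed."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:
            # splitext looks at the last extension, so "report.pdf.exe" is caught.
            if os.path.splitext(name)[1].lower() in RISKY_EXT:
                findings.append(f"risky attachment: {name}")
            # part.get_payload(decode=True) would be handed to the virus scanner here.
        elif part.get_content_type() == "text/html":
            if ACTIVE_HTML.search(part.get_content()):
                findings.append("active content in HTML body")
    return findings

def build_sample(html: str, attachment: str) -> bytes:
    """Constructed test message, not real traffic."""
    m = EmailMessage()
    m["From"] = "billing@example.test"
    m["To"] = "staff@example.test"
    m["Subject"] = "Invoice"
    m.set_content("See attached invoice.")
    m.add_alternative(html, subtype="html")
    m.add_attachment(b"constructed bytes", maintype="application",
                     subtype="octet-stream", filename=attachment)
    return m.as_bytes()

if __name__ == "__main__":
    print(screen_email(build_sample("<p>Hi</p><script>x()</script>", "invoice.docm")))
    print(screen_email(build_sample("<p>Hi</p>", "invoice.pdf")))
```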
Enforce Password Management
The takeaway from this section is that you can’t just suggest to your employees that they create strong passwords. You really have to manage passwords like any other crucial part of your organization. Here are a few ways to do that:
- Implement company-wide password rules that are enforced via password management software.
- That same software can force users to create a new password every so often, for instance every six months. Moreover, the software can be set to track a certain number of previously used passwords so that the user can’t simply switch between two passwords.
- Remember to change passwords for individual applications in addition to the network logon credentials.
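The rules above can be enforced in code rather than left as advice. The following is an added example, not part of the original article and not any particular product's implementation: it checks the composition rules quoted earlier, rejects reuse against a salted history, and flags expiry after six months. The Account class, the history depth of 5, and the tiny word list are assumptions.

```python
import hashlib
import hmac
import os
import string
from datetime import datetime, timedelta

MIN_LEN = 6                      # minimum length quoted in the article
MAX_AGE = timedelta(days=182)    # "every six months"
HISTORY = 5                      # assumed number of remembered passwords
WORDS = {"password", "welcome", "dragon"}   # constructed stand-in for a dictionary

def _hash(pw: str, salt: bytes) -> bytes:
    # History entries are stored as salted PBKDF2 hashes, never as plaintext.
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 100_000)

class Account:
    def __init__(self):
        self.history = []        # (salt, hash) pairs, newest last
        self.changed = None      # time of the last successful change

    def violations(self, pw: str) -> list:
        v = []
        if len(pw) < MIN_LEN:
            v.append("too short")
        if pw.lower() in WORDS:
            v.append("dictionary word")
        if not any(c.isdigit() for c in pw):
            v.append("no digit")
        if not any(c.isalpha() for c in pw):
            v.append("no letter")
        if not any(c in string.punctuation for c in pw):
            v.append("no special character")
        # Re-hash the candidate with each stored salt to detect reuse.
        if any(hmac.compare_digest(_hash(pw, s), h) for s, h in self.history):
            v.append("reused password")
        return v

    def set_password(self, pw: str, now: datetime) -> None:
        problems = self.violations(pw)
        if problems:
            raise ValueError(", ".join(problems))
        salt = os.urandom(16)
        self.history = (self.history + [(salt, _hash(pw, salt))])[-HISTORY:]
        self.changed = now

    def expired(self, now: datetime) -> bool:
        return self.changed is None or now - self.changed > MAX_AGE
```

Because the history holds more than one entry, a user who alternates between two passwords is rejected on the second switch.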
Balance the Countermeasures
Believe me when I say that the tips presented here today constitute just the tip of the iceberg. There are countless countermeasures that you can implement to protect your company, but bear in mind that you will reach a tipping point where extra precautions will give you very little extra protection for a whole lot of extra cost, effort, and inconvenience. In most cases, you have to be content with blocking the gaping security holes.
This article was originally published on February 04, 2015