The revised Payment Card Industry Data Security Standard (PCI-DSS) that was released last Thursday did not bring any groundbreaking news regarding the requirement to protect public-facing web applications against vulnerabilities and web-application attacks.
As many CISOs out there know too well, web-accessed applications must provide logging to enable anti-fraud and business-context visibility into application activity. In many cases, those applications must also comply with government regulations. The implication is that an application must log and analyze transactions, preferably in real time.
Well, I suppose that many in the hacktivist world have resolved that 2012 would be a ‘breakout’ year for them, as the level of attack activity is above the record-setting year of 2011’s cyber attacks! Whether it is the Anonymous Group joining the Occupy Wall Street protesters to launch cyber attacks on major financial institutions in New York, or the Nightmare group, working with the hacker “0xOmar” to escalate their cyber war against Israel, cyber attacks have become the weapon of choice for ‘hacktivists’ seeking to leverage the impact of conflicts and social protests.