Mitigating Attacks in 2013: The Year Companies Push Hackers Back

In 2012, DDoS attacks revealed a new cyber security trend: attack campaigns that last for days and sometimes even weeks. Unfortunately, many organizations that find themselves under attack don’t know how to change the attack dynamics. Instead of working to halt attacks, many just wait passively for them to conclude.

But what about stopping the attack? Why can’t organizations become more proactive and implement counter measures that stop attackers from sending additional malicious traffic? Why not push the hackers back as far as possible from critical applications?

According to Cyber Security on the Offense, a recent study by Radware and the Ponemon Institute, 71 percent of respondents gave their organizations an average or below average rating when it comes to their ability to launch or implement counter techniques against hackers and other cyber criminals. The main reasons for not being effective in launching counter measures include the lack of enabling technologies, resources, budget and the dearth of expert personnel.

This is a worrisome picture. Despite the fact that many organizations find themselves affected by attack campaigns that last for many days, they lack the capabilities to stop or to reduce the effectiveness of these attacks.

In 2013, it’s time to get proactive! Here are some recommendations for organizations that would like to halt attacks rather than merely absorb them:

  • Establish an emergency response team that can detect and respond to attack campaigns 24×7 for as many days as required. Train this team to investigate who the attackers are and what their motivation is.
  • Gain knowledge on the attack tools, techniques and modes of operation used by hackers in previous campaigns.
  • When under attack, quickly detect and understand which attack tools are being used in order to anticipate what you should expect.
  • Implement techniques to perform counter measures. Each attack tool that hackers use has weaknesses that can be exploited in a counter measure to significantly reduce the effectiveness of the tool.
  • Develop an attackers’ black list and work with your CDN provider or your ISP to black list the attackers before they reach your network. This will allow you to push the attackers as far as possible from your critical applications.
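
To illustrate the black list recommendation above, here is an added example (not code from Radware or the study): a Python function that turns request logs into a collapsed list of prefixes you could hand to a CDN provider or ISP. The log format, the thresholds, the allowlist and the name `build_blocklist` are assumptions, and the sample traffic is constructed.

```python
import ipaddress
from collections import Counter

def build_blocklist(log_lines, max_per_window=5, window_s=10, allowlist=()):
    """Flag sources exceeding max_per_window requests in any window; return collapsed CIDRs."""
    allowed = [ipaddress.ip_network(n) for n in allowlist]
    buckets = Counter()
    for line in log_lines:
        parts = line.split()
        try:
            ts, src = int(parts[0]), ipaddress.ip_address(parts[1])
        except (IndexError, ValueError):
            continue  # malformed line: skip it rather than guess at a source
        buckets[(src, ts // window_s)] += 1
    flagged = set()
    for (src, _window), count in buckets.items():
        # Never list your own monitoring, partners or upstream proxies.
        if count > max_per_window and not any(src in net for net in allowed):
            flagged.add(src)
    merged = []
    for version in (4, 6):  # collapse_addresses cannot mix IPv4 and IPv6
        nets = [ipaddress.ip_network(str(ip)) for ip in flagged if ip.version == version]
        merged.extend(ipaddress.collapse_addresses(nets))
    return [str(net) for net in merged]

# Constructed sample traffic (assumed format: "<epoch-seconds> <source-ip> <path>").
SAMPLE = (
    [f"{1000 + i % 10} 203.0.113.10 /login" for i in range(8)]
    + [f"{1000 + i % 10} 203.0.113.11 /login" for i in range(8)]
    + [f"{1020 + i % 5} 198.51.100.7 /search" for i in range(6)]
    + [f"{1000 + 10 * i} 192.0.2.44 /index" for i in range(8)]    # slow, steady client
    + [f"{1000 + i % 10} 192.0.2.200 /health" for i in range(9)]  # own monitoring probe
    + ["garbage line", "1001 not-an-ip /x"]
)

if __name__ == "__main__":
    for prefix in build_blocklist(SAMPLE, allowlist=["192.0.2.192/26"]):
        print(prefix)
```

Only exactly adjacent addresses are merged into a shorter prefix, so the list never covers a source that was not itself flagged.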

Organizations that implemented these recommendations in 2012 managed to shorten the length of the cyber attacks they faced and reduced the damage they experienced. Next time your organization is under attack, make the choice to be proactive in order to minimize the attack’s effectiveness rather than just waiting passively for its termination.

4 COMMENTS

  1. This is indeed a troubling trend. I’m not sure if you read this, but a hacker group announced last year that they intend to attack Bank of America with malware and trojans in the Spring. My girlfriend works at the bank and she told me that no one is taking these concerns very seriously, which makes me glad it’s not my bank. I told her that there were likely Trojans already in place that can be activated when ready. Most virus scans fail to detect Trojans and she has never met anyone from their IT security department. I think that the bank does lack the specific resources to take offensive measures against such attacks. They are purely reactive. It seems that every now and again the bank’s website is attacked and goes down for a day or two. Proper forensic analysis could retrieve IPs and hosts where the hacks originate and the proper authorities should be contacted. But don’t count on the FBI to do this because they don’t have the resources either.
    This is exactly why I am back in school getting my MS in Information Technology with an emphasis on Information Privacy and Security. I have learned so much from just one class. The classes are dominated by Chinese and Indian students, which leads me to believe that most Americans don’t take cyber security seriously; of course, that is until they have their bank account emptied.
