Understanding your enemies and their motivations will go a long way towards successful cyber defence.
So said Francis deSouza, group president, enterprise products and services at Symantec, during his keynote address at RSA Conference 2012, in London, yesterday.
He said understanding the entire attack is key. "Traditionally we've looked at all the individual attacks. It's no longer about the bullet; you need to understand the campaign that launched the bullet."
Discussing the emergence of the 'multi-flank' attack, he said DDoS (denial of service) attacks are now being used as a diversionary tactic.
He said this is particularly effective with financial services companies, as it creates a diversion, while the real attack, emptying bank accounts, is taking place.
As an example, he said a phishing attack could be launched against a financial services institution, and credit card and banking login details could be stolen. "Once this has happened, a DDoS attack would be launched, for example, on a Friday afternoon, when the cyber criminal knows the IT department is not at full strength.
"Following this, the IT staff would focus their energies on restoring the Web site, and while they are doing that, money mules would be emptying bank accounts."
He cited an unnamed example, where ATMs in 42 countries were used to drain bank accounts, and $9 million was stolen.
Phishing attacks, and specifically highly-targeted phishing attacks, are prevalent, and are increasingly easy to accomplish due to the plethora of personal information freely available on social networking sites such as Facebook.
It is increasingly easy to target the individual and gain a foothold into an organisation. One can find out pretty much anything about anyone through their social media profiles these days.
However, targeted attacks are only one element of the 'multi-flank' attack. "It all comes down to knowing your adversary, and understanding their campaign," says DeSouza. "You can't win a battle through defence alone. You must be able to strike back too."
Share