Most modern day cyber attacks tend to target organisations and governments with the explicit purpose of stealing information and causing disruption. As a consequence, governments have had to reassess their stance on cyber crime, and many are attempting to tackle the problem directly.
In the latest budget, the UK government announced an estimated £500 million will be made available to help fight the war on cyber crime. This is a substantial allocation, suggesting that cyber crime is a bigger problem than the average person might be aware of. It is refreshing to see that the threat is being taken seriously.
Recently, Symantec and Websense (among many others) have announced they expect an increase in attacks in during 2011. This has been backed up with the UK’s intelligence centre (CESG) saying that it has seen a massive rise in the number of attempts made to infiltrate UK government and industrial targets over the past year.
The types of attacks occurring are very advanced, with viruses/worms such as Zeus, Aurora and Stuxnet deliberately targeted at infiltrating businesses and key infrastructure.
These malware are specifically designed to hide from detection devices and software, making them significantly harder to manage. They also mutate into different strains, allowing them to survive far longer in the wild. The Stuxnet worm is said to be one of the most advanced pieces of malware seen to date. Iit is a sophisticated worm that has the ability to actually change its code and hide these changes afterwards. Currently, this type of technology infects thousands of computers worldwide. It is the sort of cyber-attacks seen in sci-fi films through the 80’s and 90’s, they really may be becoming a reality.
In November 2010 the UK Intellectual Property Office was hit by a cyber attack which took down its website and services for several days. It was almost certainly a targeted attack due to the ferocity and damage it caused. And this is but one of the many attacks that take place worldwide on a daily basis.
Most of the current targets are generally big business and government - organisations that hold information worth a lot of money. But, as this kind of malicious technology spread, my fear is that it will begin to be used against any company holding useful data – big or small. Even a list of email addresses can be valuable to the right customer.
To combat such attacks, all businesses have to enforce strict security policies. That isn’t to say they need to have expensive equipment, but they do need to ensure that all employees are being vigilant. A good security policy should contain instructions on acceptable internet use along with guidance on the correct use of memory sticks and personal equipment brought in to the work place. Nothing should be plugged in to a PC that hasn’t been virus checked.
One of the most important defences against attack is to ensure that all PCs, workstations and servers are fully patched with the latest security updates (operating system and anti-malware solutions). Usually, it is vulnerabilities in operating systems and security that most attackers look to exploit.
Even though malware is becoming more advanced, the best ways to combat it continues to be much the same. It is probably true that the Stuxnet worm outbreak was cause by unchecked laptops and memory sticks being used on the corporate network.
If a user is vigilant (scan all files before opening, don’t open email attachments from unknown senders, and keep your anti-malware solution up to date) you are about as safe as you can be whilst still being connected to the internet.
Just like anything in the world of IT, malware is evolving. It is always up to users to ensure they take the precautions necessary to safe guard themselves until anti-malware vendors catch up with what’s being found in the wild.