Cyber security is the double edged sword of modern business. Because the Internet is an evolving technology that carries enormous potential and vulnerability, cyber security embraces questions of internet freedom, network architecture and the economic potential of cyberspace.
Large global multinationals, small local businesses and startups alike use online infrastructure to facilitate economic and technological innovation. With this growth comes increased risk as well as opportunity. Advanced, persistent threats reflect the risks posed by adversaries with the sophistication, resources and determination to cause real and permanent damage by exploiting the architecture of networks, and of cyberspace itself.
The 2012 Cyber Crime and Security Survey: Systems of National Interest, published by the Australian Government, disclose some of the cyber security measures that key infrastructure sectors have in place. Of the 255 organisations surveyed in Australia's banking and finance, communications, energy, resources, transport and water sectors, 90 percent reported they have firewalls and security software in place. However, 20 percent of the same respondents described some form of ''cyber incident'' that occurred in 2012. Logic would define that there is a gap, and cyber-attacks are occurring more frequently than desired.
It’s no surprise 16 percent of respondents identified being exposed to ‘denial-of-service attacks’ (DoS). These attacks are fundamentally different to other virus, malware or identity attacks. The apparent legitimacy of a DoS attack is achieved by using authorised ports – hence firewalls and the other security software listed above are ineffective against them.
No one can argue that the cyber security of an enterprise is the domain of anyone else but the CIO. Processes, practices and decisions all largely fall to the one person.
The stakes are high for CIO’s as more and more reliance is placed on them by employees, partners and consumers, to protect them from the reality of the cyber domain. The report identifies that 19 percent of respondents believe the key motive for cyber crime is financial gain, so the stakes rise higher quickly.
The report findings state the top two suspected motives as being non-targeted unsolicited malicious damage (17 perdent), followed by indiscriminate attack (almost 16 percent). So often when looking for the culprit of a random attack, a DoS attack is held responsible. These types of attacks can render enterprises’ online services totally redundant, sometimes for long period of time. If an attack is launched, it has the ability to not only affect customer facing avenues of an organisation, but also any online services that an enterprise relies on internally, such as online portals or other integral services.
Based on the report’s findings and the discussion surrounding DoS attacks, below is a brief outline of how to combat this form of cyber warfare:
1. Assemble a crisis team
Unavailability of services for customers can not only spark outside concern, but also inter-organisational problems if DNS services are targeted. As soon as disruptions are noticed, a crisis team should be assembled by the security department.
The aim of the crisis team should be to gather information on the origin, nature and targets of the attack(s).
2. Assess and determine plan of attack
The team needs to completely identify the attack and evaluate how to stop it. There are two avenues which can be tried:
- Engage the Internet service providers (ISPs) to block traffic that could be linked to the suspected threat.
- Strengthen local defences by enhancing and editing configurations of firewalls and server detail.
3. Apply Blocking mechanisms
Once the attack has been identified the team should contact operators and request origin tracing to commence, and apply any available blocking mechanisms. This should help prevent future attacks from the same instigator.
The key thing to keep in mind when assessing the Government’s reports is that these are the trends and insights from our very own organisations. What is reflected is going to affect each and every one of us in some way, so it’s important to be informed, prepared, and ready to act.