2. Infiltration: Once the weakness has been identified the hackers can tune their attacks to leverage the vulnerabilities to compromise the servers. When it comes to website attacks such as cross-site-scripting, SQL injection, OS command injection are the most common and extremely effective in getting access to the servers or for laying traps for valid users to divulge their user credentials etc. so that hacker can use valid credentials to log into the system.
3. Extraction: After the hacker is in the system - he can choose to just take the necessary data and leave. But more often than not the hackers will plant a malware which will open a backdoor for the hacker to come in whenever he desires without having to go through steps #1 and #2 again.
4. Clean up: When hackers leave - just like a good robber - they try to erase their footprints - in this case their digital footprints to make post attack forensics difficult.
Q: Why is it important for companies to be more proactive in protecting themselves from cyber attacks instead of depending on the government to take the lead with regards to cyber security?
SR: What many do not realise is that businesses and governments alike are susceptible and experience various forms of malicious attacks every day. While there are some that are more severe than others, such threats are not entirely new. Businesses should define, enforce, and audit strong security and acceptable use policies, which can result in increased employee productivity and reduce the risk to critical intellectual property or customer data. It's a one-two punch, starting with sound policy set by the company IT department in conjunction with key business heads to ensure it enables business to flow.
Once the policy is set, technology can be used to enable, police and enforce that policy. To that end it's important to deploy a security solution that not only protects the organisation from external and internal attacks but also provides a rich reporting capability that can analyse the mountains of log data collected and present it in a format that allows for quick decisions that can both improve network performance and defend against malicious attacks.
JH: It is absolutely critical that companies take a proactive approach to protect themselves. When "the lights go out," it is the company and its customers who are affected. An "attack" could cause large amounts of revenue loss if e-commerce abilities are brought down and let us not forget that the damage to the brand's reputation could result in loss of customers as well.
Also, the global trend is that companies are being held liable for their failure to implement proper IT security practices. In the US, if a privately owned company is attacked, the buck pretty much stops with them. Directors and executives could be hauled to jail for failing to protect critical information. With the personal data protection act introduced by the Singapore government, it does indicate that Singapore is likely to begin to hold companies responsible for the protection of their data.
Sign up for CIO Asia eNewsletters.