Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

10 deadliest differences of state-sponsored attacks

Maria Korolov | Dec. 2, 2014
There are some key differences about attacks that originate with foreign governments, and ignoring these differences could prove deadly.

And they'll work around the clock, added Udi Mokady, CEO at Israel-based CyberArk Software, Ltd. 

"It's based on people working shifts with well-managed processes and development," he said. "They behave like a development arm and are able to carry out sophisticated attacks." 

And speaking of development... 

9. They'll create new zero-day exploits 
A foreign government can afford to create a brand new, unique zero-day attack to go after individual targets. 

"They are deeply talented and likely spend substantial resources to identify zero day vulnerabilities," said John Dickson,principal at San Antonio, TX-based Denim Group, Ltd. "They have shown willingness to have a lot of people spend a ton of time trying to get into certain places." 

And the foreign government would then keep those vulnerabilities secret, to use them again, or to ensure that it's attack wouldn't be discovered. 

A criminal is also interested in getting the maximum use possible out of an exploit, but within a much shorter time frame. An exploit that's sitting around not being using isn't making them any money and, given how slowly some companies patch, even a discovered exploit can remain profitable for years to come. 

10. They set the bar for other types of attacks 
"The reality is that US companies and government agencies only barely prepared for the very lowest level of threat - the auditor," said Contrast Security's Williams. 

And auditors are always several years behind the curve, because they use regulations and standards drafted years before. That means that most organizations are unprepared for techniques commonly used today by all types of hackers, such as automated tools. 

"We should be building systems designed to resist the attacks that we expect ten years from now, not the attacks occurring two years ago," he said. That means that all organizations should be getting ready to face long-term, well-coordinated, almost invisible attacks. 

"In ten years, this type of attack will be available to even unskilled attackers, and we should be preparing our critical infrastructure to withstand it," he said.


Previous Page  1  2  3  4 

Sign up for CIO Asia eNewsletters.