Advanced Targeted Attacks: From The Server Room To The Boardroom
The recent security attacks targeting oil/gas sector in the Middle East have attracted massive public attention and generated headlines in high profile business publications around the world, reminding companies that targeted attacks are not waning, far from it!. These threats continue to be a growing risk for businesses of all sizes and all sectors – no one is immune.
According to Symantec’s Internet Security Threat Report, targeted attacks use customized malware and refined targeted social engineering to gain unauthorized access to sensitive information and have increased from an average of 77 per day in 2010 to 82 per day in 2011. Symantec has also identified a new trend in these attacks. Our data demonstrates that these threats are not limited to large enterprise-sized organizations. Approximately 50% of attacks focused on companies with less than 2500 employees, and another 18% focused on organizations with less than 250 employees.
While the recent attacks in the Middle East only impacted a few organizations, the potential for global impact is real. These attacks have been a huge awakening for the oil/gas sector. Whether the motivation of the attackers was for the huge amounts of confidential information or for financial gain, or simply “hacktivism”, disrupting the oil/gas sector has the potential to disrupt the global economy. For this reason, information protection is no longer an IT-only conversation within an organization. C-level executives, board members and government are now getting involved in the discussions and are more concerned than ever about protecting their information and keeping their businesses and critical national infrastructure up and running.
For today’s organizations, protection means more than just information security…it also includes information availability. It doesn’t matter if you are hit by an attack. What matters is how quickly you recover and how fast you respond. Here are some additional best practices for oil/gas companies around the world:
Symantec Best Practices for Oil/Gas Companies:
- Create an Internal Corporate Security Task Team to work with a trusted security vendor to mobilize a team of security specialists and perform a detailed analysis of the current risk.
- Review security operations process and infrastructure, and design and implement an industry compliant Security Operation Center.
- Integrate a breach prevention and response plan into the day-to-day operations of the security team. Run Vulnerability and Malicious Activity Assessments in addition to penetration tests to determine current weakness for external and internal exposure.
- Procure products and services for all required software and infrastructure to implement critical recommendations and deploy optimized protection to secure all business environments.
- Implement a Managed Security Service (MSS), supplemented by senior resident resources. Part of the MSS will be the implementation of a 24/7 global intelligence monitoring service.
- Ensure infrastructure security across all endpoints including mobile devices, ensure security products are up to date and avoid pirated software.
- Have a disaster recovery plan in place; it is important to have data backed up, encrypted and secure.
- Protect and educate users with identity and access control, two factor authentication and conduct security awareness training on an ongoing basis.
Associated Press, Virus origin in Gulf computer attacks in question
For more information on the current security threats, read the Symantec Security Response blog: The Shamoon Attacks Continue