Saturday, February 27, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

The key to stopping cyberattacks? Understanding your own systems before the hackers strike

July 6, 2020
in Internet Security
The key to stopping cyberattacks? Understanding your own systems before the hackers strike
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Cyberattacks targeting critical national infrastructure and other organisations could be stopped before they have any impact if the teams responsible for the security had a better understanding of their own networks.

That might sound like obvious advice, but in many cases, cyber-criminal and nation-state hackers have broken into corporate networks and remained there for a long time without being detected.

You might also like

Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers

Oxford University lab with COVID-19 research links targeted by hackers

Fastest VPN in 2021 | ZDNet

Some of these campaigns involve intrusions into critical infrastructure where malicious hackers could do damage that could have serious consequences.

SEE: Cybersecurity: Let’s get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)

But hackers have only been able to get into such as strong position because those responsible for defending networks don’t always have a full grasp on what they’re managing.

“That’s what people often misunderstand about attacks – they don’t happen at the speed of light, it often takes months or years to get the right level of access in a network and ultimately to be able to push the trigger and cause a destructive act,” says Dmitri Alperovitch, executive chairman at Silverado Policy Accelerator and co-founder and former CTO of CrowdStrike.

That means deep knowledge of your network and being able to detect any suspicious or unexpected behaviour can go a long way to detecting and stopping intrusions.

“Defence can work if you have time. If you’re looking inside your systems, hunting for adversaries and applying intelligence, you’re able to discover them even if they get in, before they do any damage,” Alperovitch adds.

Knowing what’s on the network has become even more crucial in recent years, as industrial environments have become increasingly connected with Internet of Things sensors and monitors.

The devices are useful to infrastructure providers because they allow better monitoring of systems for efficiency, maintenance and repair, but if not properly managed, they could be weak points for attackers to access the network.

“We need to be pro-actively testing,” says Annessa McKenzie, VP of IT and CSO at Calpine, an American power generation company.

“We need to grow more of that capability to go in with that confidence so that before there’s a breach, we at least have a basic understanding of this environment,” McKenzie explains. “Because when we go in completely blind, what should take days to respond takes weeks, sometimes months – and we never really understand what happened.”

Organisations should also try to think like hackers; by thinking about the network and how an attack could exploit it, security teams could uncover unexpected means that hackers could use to exploit the network.

“A lot of companies put in segmentation, monitoring, anti-virus – they’re not bad things – but I think too little focuses on what the attack is going to look like,” says Rob Lee, CEO and co-founder, Dragos, the industrial security provider that hosted the online discussion on securing critical infrastucture.

“Let’s work backwards. What kind of response do we want to have? Do we want to get the plant back up and running? Then we’re going to have to understand root cause analysis”.

By examining the network like this, Lee says, organisations responsible for industrial control systems can understand the requirements the network needs to ensure security – and by doing this, those responsible for critical infrastructure can help everyone by detailing what they find to the government.

“The ICS community has the ability to look at this backwards and educate the government on what that’s going to look like. That’s when the government can be impactful,” Lee adds.

SEE: Cybersecurity: Do these ten things to keep your networks secure from hackers

With the right tools and expertise available, government intervention could help boost cybersecurity across critical infrastructure by providing an environment for organisations to share information about attacks and best practices for protecting networks.

“They could create a platform for companies to come together and exchange best practices and assistance and maybe even host some sort of joint public private response capability. That would help propel things along,” says Michael Chertoff, former United States Secretary of Homeland Security and co-founder and executive chairman of The Chertoff Group, a security and risk advisory firm.

He also suggests that liability for security shouldn’t just lie with infrastructure providers and other organisations, but the companies that build the specialist systems and connected parts used in these environments should also hold some responsibility if they’re found to be inherently insecure or vulnerable to cyberattacks.

“Right now, one of the arguments for manufacturers is ‘it isn’t our problem, we just give you the stuff, it’s on you’,” Chertoff says.

Through a combination of this and a good knowledge about what the network looks like, infrastructure and utilities providers in particular can go a long way to preventing themselves from falling foul of hacking campaigns and cyberattacks. But in many cases, there’s a long way to go before this is the case.

“The greatest advantage defenders have is if they know their environment better than an adversary – that’s not always true, unfortunately if the right tools and capabilities aren’t in the organisation,” says Alperovitch.

“But if they do, that’s when they have the high ground and detect an adversary and eject them before any damage is done”.

MORE ON CYBERSECURITY

Credit: Zdnet

Previous Post

Data Governance: Bottom Up Approach to break silos

Next Post

Get Worldwide Postal Code Data with Zip Code API

Related Posts

Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers
Internet Security

Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers

February 27, 2021
Oxford University lab with COVID-19 research links targeted by hackers
Internet Security

Oxford University lab with COVID-19 research links targeted by hackers

February 27, 2021
Fastest VPN in 2021 | ZDNet
Internet Security

Fastest VPN in 2021 | ZDNet

February 27, 2021
Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid
Internet Security

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

February 27, 2021
Chrome will soon try HTTPS first when you type an incomplete URL
Internet Security

Chrome will soon try HTTPS first when you type an incomplete URL

February 27, 2021
Next Post
Get Worldwide Postal Code Data with Zip Code API

Get Worldwide Postal Code Data with Zip Code API

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

AI & ML Are Not Same. Here's Why – Analytics India Magazine
Machine Learning

AI & ML Are Not Same. Here's Why – Analytics India Magazine

February 27, 2021
Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers
Internet Security

Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers

February 27, 2021
Is Wattpad and its machine learning tool the future of TV? — Quartz
Machine Learning

Is Wattpad and its machine learning tool the future of TV? — Quartz

February 27, 2021
Oxford University lab with COVID-19 research links targeted by hackers
Internet Security

Oxford University lab with COVID-19 research links targeted by hackers

February 27, 2021
The Education Industrial Complex: The Hammer We Have
Data Science

The Education Industrial Complex: The Hammer We Have

February 27, 2021
New AI Machine Learning Reduces Mental Health Misdiagnosis
Machine Learning

New AI Machine Learning Reduces Mental Health Misdiagnosis

February 27, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • AI & ML Are Not Same. Here's Why – Analytics India Magazine February 27, 2021
  • Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers February 27, 2021
  • Is Wattpad and its machine learning tool the future of TV? — Quartz February 27, 2021
  • Oxford University lab with COVID-19 research links targeted by hackers February 27, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates