How To Deal With Cyber Attack


In combatting a targeted attack on your network, early detection and rapid response are both critical.
Cyber security experts accept the strong possibility that criminals will be able to enter their network at some or other point, and in this context, the issue becomes less about being able to keep them out, and more about detecting them and taking remedial action as soon as their presence is discovered. This is according to a recent report from global cybersecurity company RSA.
Anton Jacobsz, managing director at value-added distributor, Networks Unlimited, which distributes RSA products and solutions in Africa, comments, “The report from RSA Incident Response Services notes that, once detected, rapid response is needed to mitigate the potential damage and prevent them from achieving their objectives. RSA’s Advanced Cyber Defense (ACD) services for Incident Response enable organisations to prepare for security incidents without having to accept the inevitability of loss.”
The report outlines the comprehensive forensic analysis framework in the RSA approach to threat response and mitigation, noting that the response process ‘…takes into consideration data from multiple sources including in-house systems, open source research, “RSA Live” threat intelligence and the customer’s threat intelligence sources.’
The approach taken includes network analysis, using host forensics, harvesting threat intelligence and malware analysis, as follows:
· Network analysis: Data from packets and logs collected by RSA NetWitness is used to identify suspicious or risky communications.
· Host forensics: Executables, files and libraries are used to identify unauthorised services and processes deployed by the attacker and running on end points.
· Threat intelligence: Research is conducted to gain insights about the attack infrastructure, tools and techniques, which is particularly helpful in gaining insight about threat actors that are persistently targeting the organisation.
· Malware analysis: Malware tends to be relatively small in terms of file size, which helps the attackers to avoid detection. Malware analysis allows an incident response team to develop blocking techniques and make the organisation more resilient.
Jacobsz concludes, “Attackers do leave clues to their presence and analytic intelligence, as offered by RSA, is key in being able to offer early detection and rapid response. Ongoing analysis and threat intelligence further allows an organisation to bolster its defences into the future.”

Comments

Post a Comment

Popular posts from this blog

Check Out The Best Spy Software For Cell Phone In 2018

Picking the best phone spy software can be tricky. There are dozens of excellent phone trackers out there. Fortunately, I'm here to help. I've worked as a private investigator for the past 15+ years. I use phone trackers almost every day. Today, spy apps can be used to track somebody without their knowledge. They're very popular even outside the law enforcement community. Some of the top spy software users are parents. It's a dangerous world out there, and parents want to make sure their kids are safe at all times. Good phone spy software lets you read text messages, track photos, monitor social media, track location data, and even record phone calls. Today's best spy software will record all data online where you - as a concerned parent or spouse - can quietly access it. Some of the spy software on this list can even record ambient noise through the microphone or remotely take a photo using the phone's camera. With that in mind, let's take a loo
Read more

How To Protect Your Data From Ransomware

Unless you avoided reading or listening to the news last year (and with everything going on in the world who can blame you), you no doubt heard reports of ransomware attack after ransomware attack occurring in 2017. This type of hacking issue, where cybercriminals break into individual or company systems and hold data for ransom, is rife right now, and according to one report, actually increased almost ten-fold last year. As such, no matter which industry you work in, and whether you’re an entrepreneur, freelancer, contractor, or employee, it’s imperative to keep all your important information safe from prying eyes, and from downtimes as a result of it being held captive. Read on for some steps you can take to avoid a ransomware attack this coming year. Install Security Software and Firewalls First off, one of the simplest things you can do to protect your data is to install top-quality security software on all the devices you use. There are many different products on the market
Read more

Hardware Zone Forum hit by security breach and profiles affected

Approximately 685,000 user profiles were affected when the HardwareZone (HWZ) Forum website was hit by a security breach, the site's owner SPH Magazines said in a news release on Tuesday (Feb 20). A suspicious post on Sunday prompted an investigation to ascertain whether a security breach had occurred, the news release said. The probe showed that a senior moderator's account had been compromised by an unidentified hacker, and used to access the user profiles since September 2017. "The hacker used the compromised credentials to impersonate the senior moderator to retrieve user profile data which comprised name, email address and user ID, and possible optional data fields," said SPH Magazines. It added that the database of the online tech portal did not contain NRIC numbers, telephone numbers and addresses as these had been purged in line with the Personal Data Protection Commission (PDPC) guidelines in July 2015. As a matter of precaution, forum users were
Read more