Network Security News

Cyberspace is becoming a battlefield; well-known botnets, other means and tools of disrupting networks, of breaking the security, bypassing all kinds of sentinels and monitors; cyber-espionage and phishing - looks like the peaceful Internet is but history. Resources created to serve people are used in people's conflicts, and as such are being exhausted. Information Security Resource has more to say in Are We Creating a State of Cyber-Attrition?

It is said, stories like the July 4th cyber attack are raising our awareness of the cyber battlefield. Given the media focus on bots, rootkits, and malware, it is easy to overlook the core of these attacks – human conflict. In the Art of War, Sun Tzu stressed the understanding of those who wield the weapons of war. Security expert Richard Stiennon of IT-Harvest applauds this perspective. Below are highlights from the SecureLexicon Art of War podcast with Mr. Stiennon.

According to Sun Tzu, victory is predicated on understanding both yourself and the opponent. This understanding goes beyond knowing attack techniques. One must understand the mind and spirit of the enemy. This is where our cyber strategy falls short. “At the very low level”, said Stiennon, “the typical enterprise-driven individual treats attacks as if they are nameless, faceless packets coming at them – and that’s how most vendors have created their products.”

While this approach has its merit, it fails to provide forensic intelligence that reveals the nature of the attacker. “On the larger theater, where there’s hactivism going on, there is more study of who the attackers are.” Mr. Stiennon cited Hamas vs. Israel and Russia vs. Estonia. While these exemplify a focus on attribution and the understanding of attacks, “no one does it better than China,” said Stiennon.

When asked how we can counter the methods employed by China, Stiennon said “certainly we don’t want to engage in counter cyber espionage.” He feels that we should defend ourselves using the information gleaned from examining these attacks. According to Stiennon, “we must watch them and block them at every possible opportunity.”

What is really important is the fact Internet loses its primary meaning as a communication tool and is being transformed into a tool of cyber-warfare. The message is plain and simple: Internet is no longer safe. It may or may not sem pleasnt, but it is the reality one should admit. Hence, every service should be built with assumption it could be under cyber-attack, and the whole service shouldn't be compromised or halted in case certain its accounts are.

This article was brought to you by the developers of IPHost Network Monitor, network and server monitoring software.