|
Over the last several years we have witnessed probably the most important change in the threat landscape as the motivation of bad actors shifted from fame and glory to profit.
As IBM puts it: “Information security solutions used to protect organizations from hackers intending to generate front page news about a successful denial of service attack or a web site defacement. In the new era of Internet threats, attackers are motivated by profit or politics and use cutting edge technology to probe networks undetected for as long as possible. The longer attacks go unnoticed, the more opportunity for success in data theft and other profit-generating activities".
This figure illustrates how today’s attacks are different from earlier attacks.
Attack Characteristics |
Earlier Attacks |
New Era of Attacks |
Motivation |
Glory and fame |
Profits |
Complexity |
One dimensional |
Multi faceted |
Scope |
Widespread for maximum publicity (carpet bombing or shotgun approach) |
Targeted attacks to go unnoticed (surgical strikes or sniper approach) |
Primary Risk |
Network downtime to clean and repair |
Direct financial loss; Theft of trade secrets or corporate strategy; Customer data breaches and disclosure |
Targets of Attack |
High profile / Widespread |
Laser focus on firms and individuals |
Effective Defense |
AV signatures; Reactive approach |
Multi layer protection; Pre-emptive and behavioral approach required
Focus on users, applications, and data |
Recovery |
Scan and remove |
Not always possible – once trade secrets are lost, they are lost; legal remedies may be used; may require re-image of system |
Types of Attacks |
Virus, Worms, Spyware |
Designer malware, Root kits, ransomware, spear phishing, attacks via social networking sites, web site drive-by, SQL Injection, XSS, CSRF |
Attack Approach |
Network traffic – Tell everyone the threat is here |
Malicious code – stealth like operation to avoid discovery |
|
