Categories: SecurityWorkspace

Fighting Cyber-Threats In A Post-9/11 World

Continued from page 1

Defenses haven’t changed

While many things have changed in the post-9/11 world, defenses against cyber-terrorism haven’t. Many organisations are still relying on the same defenses developed in the mid-to-late 1990s, said Anup Ghosh, founder and chief scientist of Invincea. “We are defending against 21st century attacks with 20th century technology,” Ghosh said.

The Defense Department and DARPA’s (Defense Advanced Research Projects Agency) focus on fighting terrorism inhibited innovation in information security, according to Ghosh. Foreign cyber-attackers began penetrating US networks, but instead of publicising evolving threats and tactics, the government classified the details.

“The market hasn’t innovated with the adversary because it hasn’t been privy to the exploits or advances in technology,” Ghosh said. The security industry is still largely reactive as it focuses on defenses that look for known signatures and patterns of attack when it needs new techniques to defend against cutting-edge cyber-attacks, he added.

A few years ago, attacking critical infrastructure was just another “movie idea” — something no one really thought would happen — but last year’s Stuxnet Trojan attack was a “wake-up call,” F-Secure’s Hypponen said. Until Stuxnet was discovered, no one realised these kinds of infrastructure attacks were already happening.

“Look at Die Hard,” said Hypponen. He noted that as everything has become connected to the Internet and computers have become more ubiquitous, the movie plot has become reality.

But the security situation isn’t completely bleak. We have made some progress, especially in the areas of information sharing and inter-agency cooperation.

The private sector has done a good job communicating with the government about protecting the critical infrastructure, Todd Davis, CEO of LifeLock, told eWEEK, during a training summit for law enforcement officials at the New York Stock Exchange. The goal was to bring “front-line” law enforcement and specialised agencies together to share information on what techniques criminals were using and what tools were available for the good guys, he said.

The Defense Industrial Base Cyber Pilot is an example of how the industry is working with the Department of Defense to share classified and sensitive data about cyber-attacks. The information collected in a three-month pilot program with 20 companies helped stop “hundreds of attempted intrusions,” by identifying malware signatures, according to Deputy Defense Secretary William Lynn. The pilot will be expanded to include the rest of the industry and key areas of critical infrastructure, Lynn said.

“We are in so much better space than we used to be,” LifeLock’s Davis said, adding that now was “one of the best times for collaboration.”

In addition, advances in technology have made it much easier and faster for law enforcement and business to identify potential problems. Organisations can deploy forensics and monitoring tools to detect anomalous activity in near-real-time, while police officers have access to more information about drivers during routine traffic stops, Davis said.

The goal of all these efforts? To use technology to help stop cyber-attacks.

Page: 1 2

Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

Share
Published by
Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

Recent Posts

EU Opens TikTok Probe Over Election Interference Claims

European Commission opens formal probe into TikTok after Romanian first-round elections annulled over Russian interference…

20 hours ago

China Chip Growth Slows As US Targets Legacy Chips

Growth in China's output of integrated circuits slows in November as Biden administration reportedly launches…

21 hours ago

Meta Adds ‘Live AI’ To Ray-Ban Smart Glasses

Facebook parent Meta adds AI voice chat, live translation to Ray-Ban Meta smart glasses as…

2 days ago

US Senate Criticises Amazon Over Warehouse Safety

Senate study finds Amazon did not implement protections recommended by internal studies over risk they…

2 days ago

US Lawmaker Calls For Drone Detection Tech After Runway Closure

US senate majority leader calls for federal deployment of drone detection technology after drone sightings…

2 days ago

TikTok Shop US Sales Surpass Shein, Sephora

After launching in September 2023, TikTok Shop rises to broad popularity with US sales surpassing…

2 days ago