Cyber Security from Netfast

First it was Target, whose 110 million customer records were brazenly stolen during the 2013 holiday shopping season. Then it was Neimen Marcus, another large retailer who admitted its customer records were stolen by hackers.

Even before Target and Neimen Marcus, companies of all sizes as well as government organizations and educational institutions have been hacked or spied on by cyber criminals for financial gains ranging from credit card theft to stealing intellectual property. Information security technologies of yesteryears are not sufficient to combat the growing sophistication and creativity of a new generation of international hackers and cyber-criminals.

To get a better understanding of various threats let us examine the various threat sources:

• Bot-network operators use a network, or bot-net, of compromised, remotely controlled systems to coordinate attacks and to distribute phishing schemes, spam, and malware attacks. The services of these networks are sometimes made available on underground markets (e.g., purchasing a denial of service attack or services to relay spam or phishing attacks).
• Business Competitors: Companies that compete against or do business with a target company may seek to obtain sensitive information to improve their competitive advantage in various areas, such as pricing, manufacturing, product development, and contracting.
• Criminal groupsseek to attack systems for monetary gain. Specifically, organized criminal groups use spam, phishing, and spyware/malware to commit identity theft, online fraud, and computer extortion.
• Hackers break into networks for the thrill of the challenge, bragging rights in the hacker community, revenge, stalking, monetary gain, and political activism, among other reasons. While gaining unauthorized access once required a fair amount of skill or computer knowledge, hackers can now download attack scripts and protocols from the Internet and launch them against victim sites. Thus, while attack tools have become more sophisticated, they have also become easier to use. According to the Central Intelligence Agency, the large majority of hackers do not have the requisite expertise to threaten difficult targets such as critical U.S. networks. Nevertheless, the worldwide population of hackers poses a relatively high threat of an isolated or brief disruption causing serious damage.
• Insiders: The disgruntled organization insider is a principal source of computer crime. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a target system often allows them to gain unrestricted access to cause damage to the system or to steal system data. The insider threat includes contractors hired by the organization, as well as careless or poorly trained employees who may inadvertently introduce malware into systems.
• International corporate spies: pose a threat to the United States through their ability to conduct economic and industrial espionage. Nations and large scale monetary theft and to hire or develop hacker talent.
• Nations use cyber tools as part of their information gathering and espionage activities. In addition, several nations are aggressively working to develop information warfare doctrine, programs, and capabilities. Such capabilities enable a single entity to have a significant and serious impact by disrupting the supply, communications, and economic infrastructures that support military power impacts that could affect the daily lives of citizens across the country. In his January 2012 testimony, the Director of National Intelligence stated that, among state actors, China and Russia are of particular concern.
• Phishers: Individuals or small groups execute phishing schemes in an attempt to steal identities or information for monetary gain. Phishers may also use spam and spyware or malware to accomplish their objectives.
• Spammers: Individuals or organizations distribute unsolicited email with hidden or false information in order to sell products, conduct phishing schemes, distribute spyware or malware, or attack organizations (e.g., a denial of service).
• Spyware or Malware Authors: Individuals or organizations with malicious intent carry out attacks against users by producing and distributing spyware and malware. Several destructive viruses and worms have harmed files and hard drives, and reportedly have even caused physical damage to critical infrastructure, including the Melissa Macro Virus, the Explore.Zip worm, the CIH (Chernobyl) Virus, Nimda, and Code Red.
• Terrorists seek to destroy, incapacitate, or exploit critical infrastructures in order to threaten national security, cause mass casualties, weaken the economy, and damage public morale and confidence. Terrorists may use phishing schemes or spyware/malware in order to generate funds or gather sensitive information.

Netfast Comprehensive Cyber Security Solutions

Through its partnership with leading cyber security solution providers and domain experts, Netfast consultants can perform an in-depth risk assessment of application, network, data and physical security threats to identify weaknesses in your IT infrastructure. The goal of the assessment is to become predictive in potential threat risks and apply advanced threat protection solutions to minimize the risks associated with various threats to corporate information technology resources.
Should an attack occur, Netfast Cybersecurity and Digital Forensic experts will perform a detailed analysis to determine the source, nature, magnitude and extent of the damage to the infrastructure or data and use the analysis to develop comprehensive solutions to prevent such future attacks.