Wednesday, November 27, 2013

Your work away for lack of prevention

Your work away for lack of prevention|Tu trabajo a la basura por no estar prevenido

“A destruction, an annihilation that only man can provoke, only man can prevent” (Hungarian writer, Elie Wiesel). Therefore, the power to prevent third parties from reducing your company to a pile of rubble is held by the management.

We should be on alert of a long list of threats on the Internet. For example, the distributed denial-of-service (DDoS) attacks that can shut down an organization’s networks. Having a plan of action in such cases may be essential, although 45% of corporations, surveyed by security networks company Corero, claim not to have a roadmap to follow in such cases.



Without going further, a leaked email could mean that the whole company’s business strategy wound up in the trash. Thus, it is also important to take seriously the BYOD (bring your own device) policy and the protection of employee’s devices, marking clear minimum requirements, such as a proper Exchange ActiveSync configuration.

The incident that took place in the European Parliament last week is a clear example of what should be prevented. A hacker managed to compromised the building’s public Wi-Fi and access a number of email accounts of several politicians and IT employees. So far, the Parliament’s response has consisted in switching off the Wi-Fi network. Since then, it seems that Strasbourg didn’t have a previously defined plan for this type of events.

However, no one is safe. Any organization must know and be prepared to face these new challenges brought by the professionalization of cybercrime. In fact, now it is usual the launch of crimekits in the black market. The last one is called Atrax. It provides a wide range of tasks from performing DDos attacks to Bitcons mining. All of this, running under the dark Tor network.

In this sense, there are two keys for prevention against cyber attacks: protection and education. Sheltering communications with advanced encryption methods is essential to avoid prying eyes. Microsoft has understood that so it increased efforts to encrypt its Internet traffic. Furthermore, the training of users and cyber defense specialists is also essential. In that sense, we welcome initiatives such as the Cal Poly’s one for the education of "thousands of students in cybersecurity awareness and readiness".

---

We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)

0 comments:

Post a Comment