If You Knew You Were Going to Be Attacked, What Would You Do Differently?

Wednesday, August 14, 2013

Bill Wheeler


Recent reports have found that cyberattacks against U.S. corporations are on the rise, along with an increase in international threats, especially from China, and emerging threats to small businesses. Today, it’s not a matter of if an organization will be the victim of a cyberattack, but when.

If you knew you were going to be attacked, what would you do differently to prepare your infrastructure? Here are the most important steps you should take when protecting your organization.

Dedicate Budget

When budgets are tight, money is funneled towards the revenue-generating parts of the business, and security is placed on the back burner. Smaller organizations especially do not think they will be attacked and do not understand the value of security. They also often lack knowledgeable staff, training and resources. Organizations of all sizes need to dedicate sufficient resources to training and hiring IT staff, or outsource their security needs to a third-party provider.

Assess Your Risks

It is important for organizations to have a clear view of the risks facing them. Some organizations might want to consider partnering with a consultant who can perform an audit and assess their risk profile. Then, the organization can put a plan in place to protect itself.

Take Action

Once you have identified the threats facing your organization, put the right technology and best practices in place to prevent them, for example:

  • Put up firewalls
  • Upgrade code
  • Don’t forget about PCI certification: PCI is evolving and requirements will probably become stricter in the future. PCI certification can mitigate the risks to systems that store or transmit credit card data.

There are also several low-cost best practices that can help you substantially mitigate long-term data loss and exposure. These include:

  • Staff Training
  • Virus / Malware Updates
  • System Patching
  • Open source detection tools: IDS / IPS
  • File integrity monitors
  • Application penetration testing
  • Source code review
  • Incident Response planning and training

Be Proactive

The threats to the organization are constantly evolving, and the security team needs frequent training to stay up to date on the latest risks. For example, financially driven attacks have become a huge issue recently, as have new phishing attacks, viruses, worms and Trojans.

One example is Downloader.MDW, better known as Dialer.XD, which forces affected computers to generate a large amount of network traffic, consuming bandwidth as a result. It carries out actions that decrease the security level of the computer and uses anti-monitoring techniques to prevent it from being detected by antivirus companies. It also spreads across the Internet while being downloaded by other malware.

Also, Linux.Apaback is a Trojan horse that modifies network traffic and opens a back door on the compromised computer. Although this Trojan is considered low risk because it is easily mitigated and removed, an unsuspecting organization caught off guard can be entirely compromised by allowing such a threat to exist.

To stay informed, IT staff should participate in security-focused events, subscribe to mailing lists, and talk to their peers. Organizations should ensure that they have the latest patch versions. They should constantly scan for threats and plug vulnerabilities in a timely manner.

Beyond the IT department, basic security training is important for all staff. For example, all employees should understand password requirements and complexities.


In the security business, the good guys need to be prepared 100 percent of the time, and the bad guys only need to be right once in order to cause major damage. By following this checklist, you can help ensure that your business is prepared.

About the Author: Bill Wheeler is Global Director of Security & Compliance Practice at Zensar.

Mic Micac This was an excellent article. It has some valuable content on this topic. Thank you for compiling it into an easy to read and well written post.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.
