High-profile breaches raise risk awareness

PUBLISHED : Monday, 05 September, 2011, 12:00am
UPDATED : Monday, 05 September, 2011, 12:00am


Several high-profile targeted attacks against leading organisations have raised public awareness of advanced persistent threats (APTs).

The hackers researched key victims within each targeted corporation then used tailored social engineering attacks to gain entry into the victims' networks.

Data breaches caused by hacking saw an average of more than 260,000 identities exposed per breach, according to the Symantec.cloud Internet Security Threat Report published in April.

Rob McMillan, research director of Sydney-based Gartner Australasia, says APT is stubborn malware which maintains persistent penetration deep into the operating systems of organisations. 'It is difficult for less sophisticated security software to remove APT because it goes so deep into the operating systems,' he adds.

One of the APTs, Zeus, targets financial service companies and has a global penetration. It is sophisticated and usually takes multiple steps to get into organisations' operating systems. 'Zeus can exist in any number of variances and the number can be up to thousands. It steals people's credentials and uses them to compromise online transactions,' McMillan says.

Security consultant, at Symantec.cloud Hong Kong, Sam Tong believes many of the latest threats span multiple communication protocols and often evade signature-based detection.

Skeptic technology, a proprietary Symantec technology, is a heuristics-based solution that not only identifies and blocks known threats, but also unknown ones.

Breaches by staff within an organisation can also create serious threats. 'Over 70 per cent of threats or breaches to corporate networks are from insiders,' says Vic Mankotia, vice-president for security for Asia-Pacific and Japan, CA Technologies.

Most privileged users within an organisation have access to privileged information. 'These privileged users can be the CEO, CFO or administrator. They need enhanced security measures and governance,' Mankotia says.

The inability to properly control and audit privileged access can create a serious security threat. CA Access Control by CA Technologies helps further secure the use of privileged accounts within applications, and address the growing security and compliance needs for privileged user monitoring, Mankotia says.

CA Access Control now features a new enhanced solution for better protection of corporate networks called privileged user password management. It helps address the critical needs of privileged identity management by centrally controlling, monitoring, and auditing privileged users and providing temporary privileged access across servers, applications and devices. This is all completed through a single management console.