A recent spate of targeted denial of service attacks on organisations such as Spamhaus and Bitcoin serve as a reminder that such attacks are widely used. Denial of service is the best way to attempt to halt or slow key internet-based services by those with a motive to do so. Many IT managers probably look-on, shrug their shoulders and say, “why would they target us? We are not a high profile internet service.”
This may be so; however, recent Quocirca research has shown how reliant all organisations are now the internet to communicate with both customers and partners (free report here: Digital identities and the open business). This is a double-edged sword. Of course, the internet has become key to enabling high speed automated transactions for many businesses, but from an IT security perspective it also means that those who want to can more easily disrupt the activity of a given business for any number of reasons. This can have both tangible and intangible consequences, for example slowing/stopping business or damaging reputation.
Denial of service is just one vector of attack. Another recent Quocirca research report shows that many European businesses have been impacted by a range of other network related attacks. Often these are not aimed at service disruption or damaging reputation but the theft of personal and/or financial data, in particular that relating to payment cards (see free report here: The trouble heading for your business).
'Low profile' businesses that do not deal much with personal data may still feel they are unlikely to be targeted. Don’t be so sure. Quocirca was talking with a small engineering firm the other day that was of just such a view. Later in the conversation it said it would be bidding for some work on the proposed controversial High Speed-2 (HS2) rail link. Hacktivists see small suppliers working on such projects as weak links and targeting them as a way of undermining the overall project. Any organisation can unexpectedly become a target.
There is a growing awareness of the dangers of both cybercrime and hacktivism shown by Quocirca’s recent research. Organisations are starting to invest in the defence measures necessary to defend themselves. This includes better understanding what is happening on the networks they rely on, especially as the formal network edge has dissolved in to a virtual perimeter that cannot be policed using traditional measures such as firewalls and intrusion prevention systems (IPS).
How European business are going about this and the degree of success they are having will be the subject of a webinar Wednesday April 17th titled 'It’s time for a new perimeter – protecting your IT infrastructure from malicious attacks' hosted by network defence specialist Corero; for more information and to register click here.