BANGALORE, INDIA: These days are undoubtedly the scariest days from the cyber security perspective. The victims of cyber attacks range from enterprises like Google, CitiGroup, Sony Network to government organizations like CIA, IMF and many more across the world.
So what could be the reasons for the unprecedented rise in cyber attacks? Are security companies failing with their technologies? Is enterprise security too sloppy? Or have hackers gained an upper hand technologically? The questions seem to be many at the moment but answers are very few.
But one thing that seems to be clear at this moment is that hackers are using sophisticated tools to carry out their attacks. The modus operandi of the attacks is identical, but they use a combination of various attack techniques, thus making them difficult to prevent.
Scott McCrady, director – managed security services, Symantec Corporation, says it is an open season on organizations right now. Previously, attacks were targeted at the mass population; however, now very small populations are increasingly targeted.
He adds that in the year 2010 alone, 290 million different types of threats were noticed. The attacks are more sophisticated and have different motivations, he pointed out. Cyber criminals have been using a variety of attack techniques, which may include spear phishing, social engineering and search engine poisoning, among others.
According to Oliver Tavakoli, CTO, Juniper's Device and Network Services Group, hackers haven't really invented new attack techniques. They are utilizing previously seen techniques in creative combinations and are simply being more targeted and persistent in their pursuit of a particular asset which they wish to attack. What is called an Advanced Persistent Threat (APT) is basically existing techniques married to planning and persistence.
Implications
According to Tavakoli, the high-profile nature of these attacks has two effects: (1) it encourages copycats, thereby increasing the likelihood of additional attacks, and (2) the disclosure of attacks by some companies creates cover for other companies to disclose attacks which they might have kept secret in the past.
Can APTs be prevented?
The Juniper CTO observes that the underlying attack primitives (e.g. buffer overrun, SQL injection, etc.) are so varied that mounting a complete defense against a determined attacker is quite complicated. It would require the adoption and coordination of a number of different defensive techniques – the problem is that it is often quite difficult to know when all the possible holes have been plugged. And currently, the tools available to attackers and the determination they are showing are outstripping the average enterprise's capability to assemble the appropriate defenses.
McCrady points out that any single security technology can't ensure 100 per cent security. In order to prevent attacks, enterprises need to implement core security practices, have appropriate security layers and engage in real-time monitoring of their respective network security.
Copyright © CyberMedia India Online Ltd. All rights reserved. Usage of content from web site is subject to Terms and Conditions.