BANGALORE, INDIA: Symantec Corp.recently announced the findings of its report on Attack Toolkits and Malicious Websites which points out that attack kits are becoming more accessible and relatively easier to use, they are being utilized much more widely.
This has attracted traditional criminals who would otherwise lack the technical expertise into cybercrime, fuelling a self-sustaining, profitable, and increasingly organized global economy.
A few years ago, we had individual cyber attackers who used to attack a websites for the sake of fame. Over the years, every this has become so dependent on the Internet and network that they have become the source for carrying out the attacks. A sea of attacks are being carried out on government and industries. The magnitudes of attacks are alarming and cyber criminals are stealing large amounts of confidential data from governments through the Internet.
But how prepared are enterprises and security vendors to deal with such attack?
Also read: Mobile devices and Apple will be top targets
Enterprises have not yet re-designed their defences to counter the Advanced Persistent Threats pointed out
Steve Hanna, distinguished engineer with Juniper Networks and co-chairman of Trusted Computing Group in a recent interview to CIOL.
According to Hanna, the ATP attacks are persistent, unique and not just clone of some other attack. They can look for vulnerability and write codes. When you seen these kinds of attacks it's like something you have never seen before.
Also read: 2011 security predictions
You can't use signature-based approaches for these kind of attacks. So we need a behaviour-based approach and have a co-ordinated defence. Our network defences has to be as intelligent as our attackers.
So we need to have military-grade defence even in commercial places. Otherwise the APT can creep into organisations and infect the systems. And generally it is very difficult to disinfect the machines later.
In India too we have seen a disturbing number of military-grade attacks. Ghost Net and Shadow Net are well documented attack networks that have been documented by researchers. They found attacks from these networks in the office of Dalai Lama. The same attackers have also been recorded to have infiltrated Indian government sites and extracted classified information.
"I am not aware of any documented military attacks on commercial establishments in India. But it can be something happening. The attack from Ghost Net and Shadow Net had went on from years before they were actually discovered." Hanna added.
Also read: 'Cyber security is a diplomatic issue today'