ME firms face ‘persistent’ new security threats

Posted: February 1, 2011 in Vulnerabilities

Organisations in the Middle East will continue to fall victim to the same type of hacking attack that hit Google, Adobe and other companies unless there’s an emphasis on security threat detection instead of just prevention, warns a senior executive from McAfee.

Google made headlines in January when it said it had been the target of a “highly sophisticated and targeted attack”, found to originate from China, which saw intellectual property stolen. The attacks, dubbed Operation Aurora, affected at least twenty other large companies and became a high-profile example of Advanced Persistent Threats (APT), where the emphasis remains on not getting caught, so that criminals have long-term access to a network and can steal data at will.

Eric Cole, senior VP and CTO of the Americas at McAfee, warns that organisations in the Middle East are more prone to APT attacks, in spite of adopting similar security measures to their peers in other parts of the world.

“If you look at some of the organisations in the Middle East that are some of the largest entities in terms of oil production and some other very high-net worth organisations that are located there, I would say that would increase the focus and level of attacks that the APT is doing against that region,” he told ITP.net.

While McAfee can’t reveal which regional companies have fallen prey to APTs, Cole says that it’s not necessarily government entities or financial institutions as one would typically expect.

“The one we’re seeing a lot of focus on is actually the companies that have a large amount of intellectual property – manufacturing, oil production… organisations where they have competitors and they’re dealing with information, data or resources that have significant value.”

APTs have increased in the last year or so, and are characterised as being stealthy, data-focused and very targeted.

“Most of the current defence mechanisms that organisations have deployed three to five years ago are not effective because they are looking for static style attacks that are visible, and they’re trying to prevent the attackers from coming in,” Cole explained, adding that the solution is to focus on detection. “You have to do a lot more detection. Most companies put all their security on prevention, but we have to remember that we can’t prevent all attacks. Prevention is ideal but detection is a must.”

In essence, any company that’s connected to the internet and has sensitive intellectual property is a target.

“Most organisations that get compromised with APT don’t know about it for six to nine months, so there could very well be many organisations right now in the Middle East that are compromised and they won’t know about it for months or until the visible signs are there,” added Cole.
