A recent spate of targeted denial of service attacks on organisations such as Spamhaus and Bitcoin remind that such attacks are seen as one of the best ways to attempt to halt or slow key internet-based services by those with a motive to do so. Many IT managers probably look-on, shrug their shoulders and say: “Why would they target us? We are not a high-profile internet service.”
May be so, however, recent Quocirca research has shown how all organisations rely on the internet to communicate with both customers and partners (free report here Digital identities and the open business). This is a double-edged sword. Of course, the internet has become key to enabling high-speed automated transactions for many businesses, but from an IT security perspective it also means that those who want to can more easily target the activity of given business for any number of reasons.
Denial of service is just one way of attacking a business, and slowing or halting its activity for a period of time is just one reason for doing so. Another recent Quocirca research report shows that many European businesses have been impacted by a range of other network-related attacks, and often these are not aimed at service disruption or damaging reputation but instead the theft of personal and/or financial data, in particular that relating to payment cards (see free report here The trouble heading for your business).
“Low-profile” businesses that do not deal much with personal data may still feel they are unlikely to be targeted. Don’t be so sure. Quocirca was talking with a small engineering firm the other day that with this same view. Later in the conversation, the firm said it would be bidding for some work on the proposed controversial High Speed-2 (HS2) rail link. Hacktivists see small suppliers working on such projects as weak links and targeting them as a way of undermining the overall project. Any organisation can unexpectedly become a target.
There is a growing awareness of the dangers of both cybercrime and hacktivism shown by Quocirca’s recent research. Organisations are starting to invest in the defence measures necessary to defend themselves. This includes better understanding what is happening on the networks they rely on especially as the formal network edge has dissolved in to a virtual perimeter that cannot be policed using traditional measures such as firewalls and intrusion prevention systems (IPS).
How European business are going about this and the degree of success they are having will be the subject of a webinar Wednesday April 17th titled “It’s time for a new perimeter – protecting your IT infrastructure from malicious attacks” hosted by network defence specialist Corero; for more information and to register click HERE.