New cyber security threats facing the public sector

Security experts say the attacks represent a new kind of security assault that can overcome the defences of even sophisticated companies such as Google.

They are carried out by very "motivated" and organised people and are targeted at a specific organisation, according to James Chappell, head of enterprise security services at Detica, who spoke at the recent conference on Modernising Justice Through IT.

The types of attacks Google experienced may still be infrequent, but Chappell predicts they are likely to increase as use of the internet continues to spread and business systems increasingly rely on cloud computing.

Some attacks might stem from the stereotypical "casual attacker" – a teenager in their bedroom – but cyber attacks are also increasingly becoming a way for hostile foreign states to attack other countries as the technology gets more sophisticated.

He said more people will get the skills needed to launch assaults on the systems of any organisation with the aim of getting hold of data, causing operational problems, or making a political point.

High-profile public sector organisations are perhaps more likely to have to cope with assaults like Google's, but Chappell said the approach in most departments or local authorities is wrong at the moment.

"A lot of protection today works on the basis of protecting against something that is already known about. If there is something that is not known about, and has not happened yet, how do you understand it and protect yourself?

"We are trying to explore what the threat is to civil government, and find out whether there is a level of awareness that they ought to be protecting themselves. Our impression is that the awareness is quite low."

The approach companies should be following is one based on monitoring and analysing data across the organisation carefully, to check for anomalies and anything unusual.

And seeing as most of the new kinds of attacks come through the internet, an excellent – albeit fairly drastic – way of protecting corporate networks is to separate them from the network the internet runs on.

Chappell admits this is costly, and said Detica has been looking at virtualisation as a way of separating machines virtually while cutting costs.

"How do organisations keep ahead of cyber security problems when there is no budget to invest in systems? The financial climate in the public sector is more austere than it has been for years, and the advice is to target specific vulnerabilities.

"It is about picking the areas you have vulnerabilities in to get the benefits. If you review existing operations and reduce costs there will be some budget to do something with", he said.

This article was first published by Computer Weekly

What’s Hot on Infosecurity Magazine?