Recent IT Security Breaches Are Alerts to Clean House

Nicole Smith, Dell enterprise technology blogger | 5/24/2011 | 4 comments

Nicole Smith
For several days in April, credit card operations at one of South Korea’s banks were crippled by an attack on its servers that may have resulted in irreparable data loss, according to Seoul media reports. The fallout for Nonghyup Bank is ongoing, as consumer groups weigh class-action lawsuits, and a trial over the security breach plays out in South Korean courts.

For large enterprise observers the world over, recent high-profile breaches like those at Sony and Nonghyup are apt to encourage senior executives to reevaluate whether their risk-assessment plans are adequate.

“The threat landscape is constantly changing,” says Charisse Castagnoli, a midmarket security strategist at Dell. “The question is how to have pragmatic security and risk management, while protecting your critical assets appropriately.”

Companies often underestimate their risk levels and, therefore, don’t have appropriate plans, Castagnoli notes. Any company handling large amounts of money, personal identification data, or critical infrastructure should consider itself at high-risk. Castagnoli says some of the questions senior leadership should consider are:

  • What makes my company attractive to political hackers and cybercriminals?
  • To what extent are my customers dependent on my Website?
  • How important to my business are my cyber-brand and cyber-reputation?
  • Are my employees computing at-large well educated on best-practices to avoid malware?

Castagnoli underscores the importance of avoiding malware contamination because of the difficulty involved in detecting it after a breach. In the Nonghyup case, the laptop of a senior IBM contractor was breached in September. The malware went undetected until the April 12 attack.

“Many companies only filter network traffic from the outside-in. If you are a high-risk target, you have to also monitor from the inside-out. Additionally, consider what protection your users have when they leave the protected corporate domain, such as when users are on public WiFi or home networks.”

Castagnoli says partnering with solutions providers like Dell SecureWorks, which offers 24/7 monitoring capabilities and other IT asset protection services, can make it affordable to institute and manage comprehensive monitoring.

View Comments: Newest First | Oldest First | Threaded View
dugsong   Recent IT Security Breaches Are Alerts to Clean House   5/25/2011 6:12:58 PM
Re: Targeting users
Hi Nicole,

Attacks we've seen subvert out of band authentication have been man-in-the-middle attacks against SMS passcodes, and social-engineered phone callback interception. These both require an order of magnitude more effort from an attacker, who would normally just collect credentials from compromised endpoints en masse, and now has to deal with each user in real-time.

But we've also pioneered an out-of-band method that isn't vulnerable to this - our smartphone push authentication, which authenticates logins/transactions using a mobile app.

The threat model then advances to also getting malware onto a user's phone, and defeating the security isolation between applications on the phone itself - a trick we pioneered ourselves - but also know how to defend against.

When the hurdle for successful attack changes from simple mass endpoint compromise (drive-by malware, phishing, etc.) to compromising phones, and matching them up with user's compromised computers to answer cryptographic requests in real-time, it's a game changer - like the shift from Telnet to SSH (which we also have some familiarity with - see the ssh manpage ;-)

Thanks for your coverage of this issue!
Nicole Smith   Recent IT Security Breaches Are Alerts to Clean House   5/25/2011 4:18:05 PM
Re: Targeting users


You've raised some good points. Serious effort to educate and empower users to be more vigilant, particularly as they use mobile devices, ought to come along with the trust you mentioned. A user unaware that their system is compromised will still supply that secondary validation and unwittingly open more doors to the attacker.

Having a solid pre-breach strategy and clarifying what activity will trigger a response are important too.

Thanks for the insights. I'm interested in your thoughts on combatting malware that subverts out-of band authentication.

 
User Ranking: Blogger
dugsong   Recent IT Security Breaches Are Alerts to Clean House   5/25/2011 2:56:27 PM
Targeting users
Smart attackers are going after users, not systems, since they can simply follow users through all the security controls by impersonating them. No organization of any real size is ever going to be able to keep attackers out completely. The quote about "filtering" inbound traffic, but only "monitoring" outbound traffic is telling - we trust our users, but these attacks are succeeding because we simply cannot distinguish attackers from legitimate users once they've gotten inside.

Google, Facebook, Chase, Paypal, etc. are actually leading the way by providing an extra line of defense by requiring a user's mobile phone as a second login factor. Even if a user's computer is completely compromised, an attacker still needs their phone to complete a login or high-risk transaction. It's sad that most enterprises (and banks!) are less secure in this regard than Facebook (although we're hoping to change this at Duo Security)!
Technocrat   Recent IT Security Breaches Are Alerts to Clean House   5/24/2011 1:19:10 PM
Latte and a Good Book ?!

@ Nicole     Welcome !   A very good read and some really great points to remember about security threats.  Many overlook WiFi as one of the most insecure methods of infiltration by would be hackers.   I have been victim of this I must admit and I hope to think I know a little about computers, but that just goes to say that those who know considerably less are at a major risk of having their information stolen.  In my case, it was a home router I didn’t know supported WiFi ( much less that it was enabled ! ) and as a result my neighbors piggy back off my dime for months ?  Embarrassing I know. 

But I learned the hard way and unfortunately that will be the case of the Starbuck’s/Barnes and Noble groupie….while they think they are just enjoying a latte, a good book and some soothing music, someone could be recording their every keystroke rather easily.  If you are doing some kind of business in this environment – well you know the rest of the story.

Knowing is half the battle, doing something proactive is the other side of the coin, but how many of us will do it ?  Not many I am afraid, not until it is too late.  So leave your WiFi disabled when enjoying your latte and a good book or take the effort to protect yourself. 

Before it is too latte...  ( Sorry couldn't resist !)    : ) 



The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.

More Enterprise Delliberation
Nicole Smith   8/3/2012   13 comments
Cybercrimes and network security breaches consume headlines with unsettling regularity. And though it's great for enterprises to become more vigilant and proactive about security in light ...
Nicole Smith   8/2/2012   9 comments
Analog sunset is affecting the video surveillance industry as more companies make the shift from analog video to network video surveillance. For small and midsized businesses, an IP ...
Nicole Smith   8/1/2012   8 comments
Students tend to think summer break flies by too quickly, and the IT departments at their school districts might be inclined to agree. Such breaks in the school calendar often represent ...
Nicole Smith   7/26/2012   8 comments
Having the flexibility to determine where, when, and on what device you will get your work done is becoming increasingly prized. The University of Toledo knew that, for its students with ...
Nicole Smith   3/14/2012   0 comments
Check out the weekly roundup of IT efficiency and innovation content by Dell's enterprise technology bloggers.
Latest Archived Broadcast
In this episode, you'll learn how to stretch the limits of your private cloud -- and how to recognize the limits that can't be exceeded.
On-demand Video with Chat
IT has to deploy Server 2012 in a way that fits the architecture of its application delivery system.
E2 IT Migration Zones
IT Migration Zone - UK
Why PowerShell Is Important
Reduce the Windows 8 Footprint for VDI
Rethinking Storage Management
IT Migration Zone - FR
SQL Server : 240 To de mémoire flash pour votre data warehouse
Quand Office vient booster les revenus Cloud et Android de Microsoft
Windows Phone : Nokia veut davantage d'applications (et les utilisateurs aussi)
IT Migration Zone - DE
Cloud Computing: Warum Unternehmen trotz NSA auf die „private“ Wolke setzen sollten
Cloud Computing bleibt Wachstumsmarkt – Windows Azure ist Vorreiter
Like Us on Facebook
Twitter Feed
Enterprise Efficiency Twitter Feed
Site Moderators Wanted
Enterprise Efficiency is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations with IT industry leaders; earn kudos and perks. Interested? E-mail:
moderators@enterpriseefficiency.com
Informed CIO: Dollars & Sense: Virtual Desktop Infrastructure
Cut through the VDI hype and get the full picture -- including ROI and the impact on your Data Center -- to make an informed decision about your virtual desktop infrastructure deployments.

Read the full report
Virtualization Management: Time To Get Serious
Welcome to the backside of the virtualization wave. Discover the state of virtualization management and where analysts are predicting it is heading

Read the full report
PUBLIC SECTOR RESOURCES
WHITE PAPERS
A Video Case Study – Translational Genomics Research Institute
e2 Storage Video


On the Case
TGen IT: Where We're Going Next

7|11|12   |   08:12   |   10 comments


Now that TGen has broken new ground in genomic research by using Dell's storage, cloud, and high-performance computing solutions, the company discusses what will come next for it and for personalized medicine.
On the Case
Better Care Through Better Communications

6|6|12   |   02:24   |   12 comments


The achievements of the TGen/Dell project could improve how all people receive healthcare, because they are creating ways to improve end-to-end communication of medical data.
On the Case
TGen IT: Where We Are Now

5|15|12   |   06:58   |   5 comments


TGen is breaking new ground in genomic research by using Dell's storage, cloud, and high-performance computing solutions.
On the Case
TGen IT: Where We Were

4|27|12   |   06:45   |   10 comments


The Translational Genomics Research Institute wanted to save lives, but its efforts were hobbled by immense computing challenges related to collecting, processing, sharing, and storing enormous amounts of data.
On the Case
1,200% Faster

4|18|12   |   02:27   |   12 comments


Through their partnership, Dell and TGen have increased the speed of TGen’s medical research by 1,200 percent.
On the Case
IT May Improve Children's Chances of Survival

4|17|12   |   02:12   |   8 comments


IT is helping medical researchers reach breakthroughs in a way and pace never seen before.
On the Case
Medical Advances in the Cloud

4|10|12   |   1:25   |   5 comments


TGen and Dell are pushing the boundaries of computing, and harnessing the power of the cloud to improve healthcare.
On the Case
TGen: Living the Mission

4|9|12   |   2:25   |   3 comments


TGen's CIO puts the organizational mission at the heart of everything the IT staff does.
On the Case
TGen Speeding Up Biomedical Research to Save More Lives

4|5|12   |   1:59   |   8 comments


The Translational Genomics Research Institute is revamping its computing to improve speed, storage, and collaboration – and, most importantly, to save lives.
On the Case
Computing Power Helping to Save Children's Lives

3|28|12   |   2:13   |   3 comments


The Translational Genomics Institute’s partnership with Dell is enabling them to treat kids with neuroblastoma more quickly and save more lives.
Tom Nolle
How Deep Is My Storage Hierarchy?

7|3|12   |   2:13   |   5 comments


At the GigaOM Structure conference, a startup announced a cloud and virtualization storage optimizing approach that shows there's still a lot of thinking to be done on the way storage joins the virtual world.
E2 Interview
What Other Industries Can Learn From Financial Services

6|13|12   |   02:08   |   3 comments


We asked CIO Steve Rubinow what CIOs in other industries can learn from the financial services industry about datacenter efficiency, security, and green computing.
E2 Interview
Removing Big-Data Flow Bottlenecks

6|12|12   |   02:55   |   No comments


We ask CIO Steve Rubinow what pieces of financial services infrastructure need to perform better to get traders info faster.
E2 Interview
Getting Traders the Data They Need

6|11|12   |   02:04   |   1 comment


We ask CIO Steve Rubinow: What do stock market traders need to know, how fast do they need it, and how can CIOs get it to them?
E2 Interview
Can IT Help Fix the Global Economy?

6|8|12   |   02:32   |   2 comments


We ask CIO Steve Rubinow whether today's IT can help repair the global economy (and if IT played any role in the economy's collapse).
E2 Interview
More Competitive Business via Datacenter Strategy

5|4|12   |   2:46   |   1 comment


Businesses need to be competitive, yet efficient, and both goals affect datacenter design.
E2 Interview
The Recipe for Greater Efficiency

5|3|12   |   3:14   |   2 comments


Intel supplies the best ingredients to drive greater datacenter efficiency and support new compute, storage, and networking needs.
E2 Interview
Datacenters Enabling Business Transformation

5|1|12   |   06:37   |   1 comment


Dell’s Gaurav Chand says that for the first time ever datacenter technology is truly enabling all kinds of organizations to transform their business and achieve new objectives.
Tom Nolle
Cloud Data: Big AND Persistent!

3|28|12   |   2:11   |   10 comments


We always hear about "Big" data, but a real issue in cloud storage is not just bigness but also persistence. A large data model is less complicated than a big application repository that somehow needs to be accessed. The Hadoop send-program-to-data model may be the answer.
Tom Nolle
Project Lightning Streamlines Storage

2|16|12   |   2:09   |   2 comments


EMC's Project Lightning has matured into a product set, and it's important, less because it has new features or capabilities in storage technology and management, than because it may package the state of the art in a way more businesses can deploy.
Tom Nolle
Big Data Appliance Is Big News

1|12|12   |   2:18   |   No comments


Oracle's release of a Hadoop appliance for Big Data may be a signal that we're shifting to database appliances.
Tom Nolle
Myopia Can Hurt Storage Policy

12|22|11   |   2:08   |   No comments


We're at the beginning of a cloud-driven revolution in storage, but Oracle's quarter shows that enterprises are hunkering down on old concepts because they're afraid of the costs in the near term.
Sara Peters
An Untrained User & a Mobile Medical Device

12|19|11   |   2:43   |   11 comments


Untrained end users, clueless central IT staff, and expensive mobile devices are a worrisome combination for healthcare CIOs.
Tom Nolle
Too Many Labels on 'Big Data'?

12|9|11   |   2:12   |   3 comments


However you label it, structured and unstructured information are different and will likely always require different tools.
Sara Peters
E2 Debuts New Storage Section

12|8|11   |   1:51   |   1 comment


Need strategic guidance on everything from SSDs to 100 percent virtualized datacenters? Look no further.