
    While everyone on the Internet seems to want to add commentary on the announced Lulzsec arrests today, I might as well jump in with my own thoughts on the matter.

    While it is great to see those who break the law get brought to justice, I think there is a much larger issue underlying the growing Hacktivist phenomenon.

    First, I think the more important message here is that these arrests really don’t change the trajectory of Hacktivist attacks – the hackings & attacks will continue, and in fact they may even escalate.

    Why? Because they can.

    The underlying story here is this – it should not be so trivially easy for Hacktivists (or anyone else for that matter) to hack people’s networks.

    These Hacktivists are – for the most part – not truly “professional criminals”. The real professional cybercriminals are still out there in Eastern Europe and China (and elsewhere), and they are not posting their pilfered data to Pastebin or announcing their purloined data caches on Twitter. I highly doubt that law enforcement, for the most part, will be able to properly identify these “professional” criminals, much less get them arrested, extradited, and prosecuted.

    And while I think that most people want lawbreakers arrested, I think it is unrealistic to think that it will happen in anything approaching a majority of these cases. In fact, that may even be the wrong primary approach.

    The real target here is the poor security posture, awareness, and operational practices of organizations around the world with regards to unauthorized access to their intellectual property, PII (Personally Identifiable Information), control systems, credit card data, and other valuable information & systems.

    Sure, I’m glad these guys got arrested, but I think there is a much more important message here which is not being put forward – organizations are simply not doing a good enough job of protecting their assets.

    There needs to be a much more holistic approach to this problem, and I’m not even exactly sure where to start – perhaps with the basics? There is a plethora of network and data protection practices which organizations can adopt to continue to “raise the bar” in the effort to change the odds in their favor. It is a continual assessment posture – a holistic security operational practice of the OODA Loop (observe, orient, decide, act) phenomenon, which is a widely accepted combat practice geared towards “optimal situational awareness”.

    What I really like about the OODA Loop reference model is that it forces organizations to do constant “care and feeding” of their security posture, observations, measurements, and adjustments.

    Now, this may sound like a bunch of hooey, but this is actually a known successful security posture which has been advocated by network security professionals for over 20 years. The first thing you need to do, as an organization, is understand what your network looks like, properly segment & protect the assets according to their intrinsic value, and then constantly protect & monitor traffic which may indicate improper or unauthorized access.

    I could go on about these concepts for many, many pages (and perhaps I will in a future white paper), but the bottom line is that, when you are connected to the Internet, there is no 100% security. The best you can do is continually “raise the bar” on protecting your assets, making it more & more difficult for your organization’s security to be penetrated.

    No amount of Hacktivist arrests can do that job for you.









    • http://marscacacho.com MarsOnEarth

      But still, at the end of the day, Security will always be as strong as its weakest link – its user.

      Sabu used by Feds to lure other Anons and Lulz to surface?! I’m not buying it.

    • djmasturbeat

      the real criminals are multi-nationals and their lackey puppets and lapdogs in political offices.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice