Cyber Crime: How to Prevent an Attack and Mitigate Damage

 Author(s): , Posted 06/6/11


Over the past couple of weeks, we’ve seen reports of major defense contractors and systems integrators being the target of sophisticated cyber-attacks that appear to have leveraged vulnerabilities created by the RSA SecurID hack. In March, RSA notified SecurID customers that the company had discovered an ongoing sophisticated attack targeting its internal systems.

The attack resulted in attackers extracting information from RSA’s systems — specifically the “secret seed” data used to generate the one-time passwords for RSA SecurID tokens — which hackers used to initiate subsequent attacks.

As the number and severity of attacks continue to rise, many organizations are worried. If these types of cyber attacks can happen to some of the most secure organizations in the world, are we as secure as we should be?

The first step to preventing a cyber attack is to make sure you have a mitigation plan in place. Part of the plan should include an IT solution map of IT assets to fully illustrate the relationship between IT security vulnerabilities and the potential business impact of an attack on them. This helps allocate budget and ensure your most mission-critical data is backed up most often. A colleague of mine, Walt Leach, has written on this subject for the Economist Intelligence Unit.

Here are a few more suggestions for elements to include in your mitigation plan:

  • Maintain an open dialogue with the provider of the solution under attack. It appears that RSA is making significant efforts to keep customers informed. Discuss your security concerns with the vendor involved to understand the full risks to your organization.
  • Be prepared for an extended investigation. Investigating sophisticated cyber-attacks can take several months. Security professionals will need time to analyze data and deconstruct the attack. Put measures in place to ensure you are engaged until the final report is issued.
  • Inform your user base. Users should be made aware of the incident and possible implications and be instructed to maintain a heightened sense of awareness.
  • Evaluate your internal systems. Regular evaluations of your internal information systems should be an embedded process. Review the information systems protection levels for both operating systems and applications. Make sure that all applicable security patches are installed, and review the configurations of access control systems for appropriate segregation and least privilege.

It’s important to keep in mind that mitigation plans need to be continually updated, as cyber attacks will become increasingly intelligent. If you are unsure of how to start protecting your assets from cyber attacks, vendors such as Unisys can help you develop mitigation plans to ensure your data is safe.

The statements posted on this blog are those of the writer alone, and do not necessarily reflect the views of Unisys.


One Response to “Cyber Crime: How to Prevent an Attack and Mitigate Damage”

  1. Bill Morgan says:


    Corporations should consider BioSig-ID(TM) a software only biometric.

    Biometric Signature ID (BSI) offers the world’s first software only gesture biometric called BioSig-ID(TM) that can be used as a layered or “defense in depth” solution to strengthen or enhance online multi-factor authentications.

    Unlike PINs, passwords or tokens (something you know and something you have) that are often shared, stolen or hacked, with proper training, it is exceedingly difficult to defeat a biometric – “something you are”.

    Since nothing is 100% hackerproof, in the event that a “gesture biometric” is somehow compromised, simply “revoke and replace” using a patented “closed loop” feature without compromising an actual piece of you (e.g., fingerprint, iris, etc.) that would otherwise be lost forever.

    Test drive it at http://www.biosig-id.com/products/test-drive/

    Simply scan the directions, watch a short YouTube clip and drive on!

    Got questions?

    Contact me at bill.morgan@biosig-id.com

    or 972.436.6862
