Protecting Sensitive Data and Networks
Author(s): Linda Welch, Posted on June 5th, 2014
Protecting sensitive data and networks has become a complex proposition for a majority of organizations. The network perimeter of the past has vanished, and data can no longer be contained, let alone protected, within traditional network environments. The explosion of available data is one of the prime reasons for this change. According to IDC, there will be 80 exabytes of data made available in 2014, almost triple the amount available in 2010. To give you a sense of size, one exabyte of storage could contain 50,000 years’ worth of DVD-quality video. That data also comes in a variety of formats, with a large percentage now unstructured: PDF files, video, images, etc. These types of data are harder to manage, and attackers have increasingly integrated malware into these files. For example, Kaspersky Labs recently discovered encrypted malware hidden inside a JPEG image. Within the file was code that could be used for data theft. Hiding content inside another file in this way is commonly referred to as steganography. The practice dates as far back as the ancient Greek historian Herodotus, who used the technique to hide a warning about a forthcoming attack. Threat actors have incorporated the technique into electronic data files that include malware executables that can result in theft of sensitive data.
“Mobile computing has accelerated the access and sharing of data from multiple devices, putting pressure on IT to define policies for devices that may not be corporate owned,” notes Scott Johnson, Director of Product Management for Unisys. Cisco’s 2013 global mobile forecast states that there are approximately 7 billion mobile devices in the world today, one for each human being on the planet. Cloud computing with AWS, Azure and others is changing the way data centers are deployed and managed, thus changing the security paradigm for protecting them. Social networking and collaboration solutions, from LinkedIn to Basecamp, expand the ‘access ecosystem’ of available data further, putting more pressure on organizations to protect sensitive data.
“In addition to the perimeterless network and access to data, you now have to deal with the fact that the threats are increasingly becoming more sophisticated. This is in part due to the shift in the types of individuals that are seeking access to sensitive data,” explains Johnson. From hacktivists to organized crime, the motivations may be different, but access to sensitive data is a primary target of their attacks. These attackers are organized and smart, and they leverage the latest techniques for exfiltrating sensitive data. Many attacks, such as the Zeus Trojan, first detected in 2007 and still active, leverage multi-layer, polymorphic techniques that start with compromising the server. Once in, the malware captures user credentials and sends Command and Control data to a server outside the organization’s network that is controlled by the hacker. Data is then exfiltrated without the organization’s immediate knowledge. This is effectively what happened at Target and in other recent security breaches. Zeus and its variant ZeusVM act as a man-in-the-browser attack, allowing threat actors to collect information from the victims as well as perform online transactions.
The shift in the attack vector from operating systems and the network itself to more targeted attacks on web applications, browsers and software means that reactive patching and updating signatures is not enough. For example, in 2013, there was a significant increase in Java-related vulnerability disclosures that could be exploited via spearphishing with the various available exploit toolkits, such as Blackhole and Cool. Traditional security means won’t thwart these types of attacks.
According to Ponemon Institute, the average cost per breach for the top 9 countries is over $1 million for the US, AU, DE, FR and the UK. Yes, that is per incident and includes the cost impact of estimated lost customers, market value, reputation, etc. So while somewhat subjective, based on what we saw with Target, there is truth to it.
“Our recent investments in new technology offerings leverage a number of disruptive trends including social, mobile, analytics, cloud and fabrics as well as cybersecurity,” explains Fred Dillman, Chief Technology Officer for Unisys. Unisys is combating the types of sensitive data loss challenges for organizations with our innovative security offering called Stealth. Stealth offers a combination of Security, Agility and Cost Savings that enables customers to reduce the attack surface that attackers are targeting. Because Stealth is non-disruptive, and easily adapts to any changes in your infrastructure, you do not need to change operations. Now you can prevent rather than react to cyber-attacks, especially in data center network environments where the crown jewels of the organization are located and accessible by other devices.
Stealth provides proactive protection by cloaking servers and endpoints to create containers, or communities of interest, that you simply cannot see unless you are a part of them. Attackers cannot see the device, so they have nothing to direct an attack against. The data and transactions are simply undetectable by any other user or device that is not part of the same Community of Interest.
You can see that when the devices are cloaked, they are Stealth enabled. Stealth ensures that only authorized users can access key devices and the data on those devices. This provides increased confidentiality of data as well as data integrity, despite the lack of a traditional network perimeter. A Stealth enabled device can be set to communicate remotely to access only certain segments of the network, while freely browsing to external web sites. The attack surface remains protected even if the device is infected. It simply cannot connect to other devices outside of its Community of Interest.
Unisys Stealth provides security, agility and cost effectiveness across a number of core security uses in your organization’s environment. From the data center to the cloud, Stealth provides secure remote access, mobility and regional isolation. Stealth enables next generation security to help proactively protect your organization against today’s new threats. The result is a reduction in the attack surface that can result in the loss of sensitive data, without complex changes to your current network infrastructure.
With Stealth, you can’t hack what you can’t see.
Watch the Applied Innovation Webinar on demand on this topic with Scott Johnson, Director of Product Management, Unisys Stealth Security Solutions, for additional information and insight.
You’re encouraged to comment on this blog or ask questions and get additional information on Stealth by emailing us at AIWebinars@unisys.com.