[BreachExchange] Hackers Slip into Networks During High Traffic Times: Here’s How to Stop Them

Audrey McNeil audrey at riskbasedsecurity.com
Fri Dec 23 10:21:19 EST 2016


http://www.smartdatacollective.com/marcsollars/456611/hackers-
slip-networks-during-high-traffic-times-here-s-how-stop-them

Today’s digital attackers show extraordinary sophistication, long-term
planning, and guile. Threats are burrowing inside company networks every
time the network is busy. Peak demand events, like stores’ sales and
Holiday shopping, give criminals cover to introduce malware onto networks –
or carry out exploits such as harvesting consumers’ personal details using
malware dropped on the network months before.

Recently, hackers of Wendy’s and Yahoo downloaded millions of records weeks
after infecting their IT infrastructures. Verizon estimates that network
threats lie undiscovered for 207 days on average. In order for retailers to
stop these threats from happening, they must pay special attention to the
activity on their network during peak traffic times.  A good place to start
is by examining the threats inside the network.

Businesses accept that armies of botnet computers can take down a website;
retail executives have to harness their own computing resources in a
benevolent way, on a correspondingly gigantic scale, to neutralise threats
inside their networks. This can be achieved based on innovations including:
Next generation tools such as data-analytics and machine-learning to embed
security systems, automated threat management and behavioural attack
detection resources can help retailers manage the huge task of examining
threats hidden in IT infrastructures amid soaring traffic. CIOs can use
automated systems to review data crossing their networks even in these
conditions - detecting threats that even recently-released proprietary
security solutions can no longer identify.

New technologies that look at automated and behavioural threat detection
break new ground in identifying these threats within the network. This is
because they are bridging the gap between the firewall and the security
information and event management (SIEM), and can monitor network east to
west traffic far more efficiently than human-led interventions. For
instance, a retailer running a SIEM system may indeed identify threats on
the network from the logs, but just applying the system isn’t enough. To
truly combat the security breach, the retailer needs to look at the packets
within the network that is able to provide early warning in determining
factors such as whether the attack was isolated, what was altered in the
attack and how it entered the network; and without artificial intelligence
they would have to do this manually.

Retail IT teams will also need to determine malware behavior patterns and
plot how such attacks will play out in the future using tools such as
cognitive algorithms; this innovation is an intelligent way to fight off
hackers’ zero-day threats that exploit corporate system vulnerabilities
that are still unknown to their IT team.

Most of all, retail executives need to build a flexible security posture
and practical measures that constantly evolve - just as criminal threats
do. And when an IT team does enact a mix of machine learning and artificial
intelligence  resources to number-crunch the mass of network traffic for
big events like Black Friday – or any other big retail promotion - boards
might be pleasantly surprised to learn that these tools can be hooked up to
their company network by a simple local network connection.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161223/96620109/attachment.html>


More information about the BreachExchange mailing list