Skip to main content

Controls to Address APTs

Controls to Address Advanced Persistent Threats & Information Warfare:

  • Preventive Controls: These are the controls which prevent loss from occurring. For example, this control that applies separation of responsibilities like one employee can submit a payment request and second employee must authorize that request, it will minimizes the chances that employee can submit fraudulent payments.
  • Detective Controls: These controls are especially for the monitoring activity to find out the cases where correct practices were not followed. For example, business might settle the general payment request audit logs to identify fraud payments logs
  • Corrective Controls: Corrective controls are designed to restore the system back to the state prior to a destructive event. For example, business may apply full refurbishment of a system from backup tapes after evidence is found that someone has inappropriately altered the payment data.

Advanced persistent threats usually target victims at users’ ends using social engineering technique, attacks that are usually more effective because they are targeted with knowledge gathered from social networking sites.
It is possible that hackers will search for information readily available on the Internet to find individual victims and organizational roles to target. They do this in order to gain knowledge of organizational arrangement, internal working and eventually to target individuals they trust will potentially have access to or own the most sensitive data.
It is important that organizations behave like their opponent and understand that it is any loophole that can be used against their organizations and that a determined attacker will stop at not to find a technical vulnerability to exploit or determine where loopholes exist in your business ideas. It is critical that all organizations take the appropriate steps to deal with the social engineering aspects of users.

Following are a few more general best practices to adopt to control APT and information warfare attacks:

  • Always use defense in depth concept for security, single technology will not prohibit advanced targeted attacks.
  • Continuous integration and security intelligence between your security controls should be a stated security program objective.
  • Setting awareness in security controls should be a important requirement while evaluating the security of protection platforms.
  • Evaluation of all security technologies and existing controls if required, update or upgrade them and apply advanced features in the latest available products or services to continue with changes in the threat background.
  • Review the policies applied but do it with the idea of joining the security processes between each technology so that actual management of threats is possible and decreasing of breach events is the more likely possible.
  • Staff suitably to ensure that you can operate all the upcoming technologies and required to engage third parties to manage more service security checks while you focus on the strategic security processes and technologies.

Comments

Post a Comment

thank you for visiting :)

Popular posts from this blog

The Seven-Step Model of Migration

Irrespective of the migration approach adopted, the Seven-step Model of Cloud Migration creates a more rational point of view towards the migration process and offers the ability to imbibe several best practices throughout the journey Step 1: Assess Cloud migration assessments are conducted to understand the complexities in the migration process at the code, design and architectural levels. The investment and the recurring costs are also evaluated along with gauging the tools, test cases, functionalities and other features related to the configuration. Step 2: Isolate The applications to be migrated to the cloud from the internal data center are freed of dependencies pertaining to the environment and the existing system. This step cuts a clearer picture about the complexity of the migration process. Step 3: Map Most organisations hold a detailed mapping of their environment with all the systems and applications. This information can be used to distinguish between the ...
Post a Comment
Read more

Special Permissions in linux

The setuid permission on an executable file means that the command will run as the user owning the file, not as the user that ran the command. One example is the passwd command: [student@desktopX ~]$ ls -l /usr/bin/passwd -rw s r-xr-x. 1 root root 35504 Jul 16 2010 /usr/bin/passwd In a long listing, you can spot the setuid permissions by a lowercase s where you would normally expect the x (owner execute permissions) to be. If the owner does not have execute permissions, this will be replaced by an uppercase S . The special permission setgid on a directory means that files created in the directory will inherit their group ownership from the directory, rather than inheriting it from the creating user. This is commonly used on group collaborative directories to automatically change a file from the default private group to the shared group, or if files in a directory should be...
Post a Comment
Read more

RequestsDependencyWarning: urllib3 (1.24.1) or chardet (3.0.4) doesn't match a supported version

import tweepy /usr/lib/python2.7/dist-packages/requests/__init__.py:80: RequestsDependencyWarning: urllib3 (1.24.1) or chardet (3.0.4) doesn't match a supported version!   RequestsDependencyWarning) Traceback (most recent call last):   File "<stdin>", line 1, in <module>   File "/usr/local/lib/python2.7/dist-packages/tweepy/__init__.py", line 14, in <module>     from tweepy.api import API   File "/usr/local/lib/python2.7/dist-packages/tweepy/api.py", line 12, in <module>     from tweepy.binder import bind_api   File "/usr/local/lib/python2.7/dist-packages/tweepy/binder.py", line 11, in <module>     import requests   File "/usr/lib/python2.7/dist-packages/requests/__init__.py", line 97, in <module>     from . import utils   File "/usr/lib/python2.7/dist-packages/requests/utils.py", line 26, in <module>     from ._internal_utils import to...
Post a Comment
Read more

tag