News

Security specialists move to plug two week threat gap

Simon Quicke

Security resellers have an opportunity to help worried customers that have seen the headlines about the prospect of a computer attack being launched in a fortnight's time and provide advice and solutions that will head off the prospect of data leakage.

The warning over the threats from the NSA in the US has become national news and has users scrambling to try and make sure they won't be left exposed to the threats and has provoked vendors into also updating the channel on the right response.

Ross Brewer, vice president and managing director for international markets at LogRhythm, said that the prospect of the threats to target so many people made this a significant moment for users to reconsider their security.

“The fact that it has the potential to easily target so many people, across the world is what differentiates this from attacks we have previously seen and requires immediate action by both businesses and consumers," he said.

“For businesses in particular the chaos that could be wrought is infinite – not only can the malware potentially access bank accounts, but also customer data and other sensitive information which could lead to more widespread attacks.  While it is essential organisations makes sure their security tools are up-to-date, they must also make it explicitly clear to employees that they need to be 100 percent confident that all emails are legitimate before clicking any links or opening attachments," he added.

Andrey Dulkin, senior director of cyber innovation at CyberArk, said that although the attacks were likely to be opportunistic if they were successful they could be the start of more serious problems.

“The most troubling aspect of this is if these opportunistic attacks are successful in hijacking privileged accounts – such as those of IT administrators or ICS operators. This is why organisations must not rely on perimeter defences and specifically endpoint protection to safeguard these sensitive credentials.," he said.

“Monitoring and controlling these powerful accounts is essential to mitigating the threat of an attack on an organisation. Businesses would do well to assume that their network has, in all likelihood, already been infiltrated and focus on locking down the access to their most vital assets.  After all, with the NCA giving British internet users two weeks to protect their computers, the clock is ticking," he added.

James Lyne, global head of security research at Sophos, suggested some steps that resellers can take customers through to make sure they are protected, including making sure endpoint protection is up-to-date, all the patches have been installed and no one clicks on suspicious looking links and attachments.


Join the conversation Comment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.