Cyber Attack

Need of defensive rebalancing to combat the Cyber Attacks

Cyber breaches are repeatedly making headlines and affecting organizations regardless of the preventive measures deployed to counter cyber threats. This is mostly due to ever-diminishing perimeter boundaries, with data becoming the new perimeter for organizations, increasing reliance on business partners for delivering services, and the adoption of commoditized IT services to accelerate the go-to-market efforts of the business. Cyber perpetrators are taking advantage of these extended ecosystems and launching attacks by exploiting the weaknesses present in the systems of the organization's overall supply chain. As these breaches are proving inevitable, it is becoming critical for an organization to improve its incident detection and response capabilities and accelerate its efforts towards becoming resilient to cyber-attacks.

Man in the Cloud attack scenario - Persistent Double Switch

This attack is very similar to the Quick Double Switch; the only difference is that the attacker maintains remote access to the victim's machine. This access allows the attacker to interact with the victim’s machine from time to time, execute arbitrary code, and collect that code’s output.

Attack Execution Phase:

Some APT talks – Part 2 – Detect the Undetected

We discussed APTs and their attack vectors in Part 1. Now the important question is how we plan the mitigation strategies. There are multiple solutions in the market that offer different tools to effectively mitigate APTs. It would be boring and repetitive if I went through the best practices and technologies I have already discussed in this forum, such as user awareness, password policies, patching, etc. We will have a look at something new: deception, a proactive way of dealing with these sorts of cyber attacks.

Peek into Tallinn Manual - Analyzing Estonia, Georgia & Stuxnet Cyber Attacks against this background

The Tallinn Manual (not an official document) was drafted by a group of experts and was a comprehensive effort undertaken by the NATO Cooperative Cyber Defence Centre of Excellence between 2009 and 2012 to interpret and bring clarity to international law in the context of cyber operations. While the manual does not denote the views of NATO, it is the first respected restatement of international law in the cyber operations context. It defines a cyber-attack as a “cyber operation, whether offensive or defensive, that is reasonably expected to cause injury or death to persons or damage or destruction to objects”, and a cyber operation that qualifies as an ‘armed attack’ triggers the right of individual or collective self-defense (Schmitt, et al., 2013). The foundation is the effects or consequences that are caused by cyber operations, as per the six criteria for evaluating cyber-attacks on any nation, i.e.
