Investing in technology to stop hackers the moment they've breached the network is important. According to The Center for Strategic and International Studies (CSIS), cleaning up in the aftermath of cybercrime is expensive, often more expensive than the crime itself. Credit: Mikkolem Molouk Y. Ba-Isa Saudi Gazette
We frequently hear about advanced persistent threats (APTs) these days (think of the attacks on Target and Neiman Marcus), but in general people don't know what they are. APTs are network attacks in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause immediate damage to the network or organization. The hacker usually wants to hang out in the network, look around, see what's worth taking, and then keep taking it for a long time. In some cases the attacker will try to undermine or impede critical aspects of a mission, program or organization, or get into position to carry out these objectives in the future.

“It's really surprising to me how many people are completely unaware of the APTs we are facing these days, and in fact cyber threats in general. All sorts of different threats are coming in from all quarters. Hackers are becoming increasingly more sophisticated at attacking every type of device and network to reach data, which is the real prize,” said John Bentley, Director, Middle East, Africa and India at AccessData.

“Once they reach the database, they scroll through the information there looking for anything of value. These can be individuals who want to wreak havoc in some way or organizations who are hunting certain types of data. Financial information such as bank account details, credit card numbers and documents regarding mergers & acquisition are valuable. Of interest as well are any research and development findings, particularly to other organizations involved in similar areas of R&D. These attacks are very real and growing globally.”

Bentley advised that it's no longer enough to just put up firewalls and try to block attackers from reaching the network. Hackers are finding ways to evade network perimeter protection, and once they are inside the network there's nothing to stop them from completing their mission.
Plenty of network monitoring programs identify that something is happening within the network, that there's an “event” going on. But often there are so many events that the important one is overlooked.

“At AccessData we take it from the point that the hackers have breached the network,” said Bentley. “Our solutions can highlight genuine alerts and then help determine which of the alerts are real threats. We automate the process of finding the attacks. That enables organizations to respond quickly. We identify where the hack came from, analyze the situation in the network and then quickly shut off the ability to take data out of the system.”

Dealing with threats to networks and data is not a small issue. The Center for Strategic and International Studies (CSIS) estimates that cybercrime costs the global economy $445 billion each year. In its report, “Net Losses: Estimating the Global Cost of Cybercrime,” CSIS estimated that Saudi Arabia already loses 0.17 percent of GDP to cybercrime. The report urges the public, commercial organizations and governments to take cybercrime more seriously and to put forward greater resources to stop it.

“Studies estimate that the Internet economy annually generates between $2 trillion and $3 trillion, a share of the global economy that is expected to grow rapidly,” the report noted. “If our estimates are right, cybercrime extracts between 15 percent and 20 percent of the value created by the Internet, a heavy tax on the potential for economic growth and job creation and a share of revenue that is significantly larger than any other transnational criminal activity.”