Multi-layered approach key to combating the threat from cyber criminals
The recent high-profile WannaCry ransomware attack served as a stark warning to businesses that the stakes could not be higher in the world of cyber warfare. In the aftermath of the attack, we learned that this attack wasn't particularly sophisticated and that it could have been easily avoided, given the perpetrators exploited a known vulnerability for which a patch was already available.
To stay safe was, as we call it, a matter of good cyber hygiene: knowing your IT estate and making sure patches issued by vendors are properly distributed and applied.
In the case of WannaCry and other ransomware attacks, our advice to customers on how to stay secure can be summarised in four easy-to-follow steps:
• Check you have the appropriate patch applied and running correctly across your global IT estate;
• Work closely with both your anti-virus vendors and Microsoft to ensure you have the latest, up-to-date anti-virus protection that is available;
• Investigate whether you have been infected, limit the spread as far as possible, then neutralise to avoid the malware detonating;
• Isolate and roll back. Contain the affected machines, clean them, then restore the data.
It was these steps, together with our continuous investment into upgrades, the deep understanding of the importance of cyber security at BT, our agile governance structure and cohesive global response to attacks, as well as our partnerships with a diverse array of industry and government bodies, that helped us protect our network and our customers.
Our network delivers services for customers, some of them well-known household names, in more than 180 countries around the world. Our team of 2,500 security specialists and 14 Security Operations Centres provide round-the-clock monitoring and protection, are among the largest in the industry.
We face more than 8,000 virus attacks a day and more than 250,000 cyber-attacks a month. We are proud of the fact our expertise in cyber security has successfully defended infrastructure during the 2012 Olympics, when we saw a rise of 1,000pc in attacks from state-backed hackers, terrorists, fraudsters and "hacktivists".
All this has been achieved through ongoing investment to stay ahead of the attackers, by keeping the finger on the pulse, proactively monitoring, analysing and addressing any threats.
Know your enemy. While threat intelligence and monitoring will never be able to stop an attack on their own, they provide firms with a toolkit to help build defences against them.
By being proactive, a company can ensure it is as prepared as possible. Forewarned is forearmed, and prior analysis of both behaviour and strength enables companies to tailor defences to keep criminal entrepreneurs away from what they want. Successfully combining human and artificial intelligence in a 360° evaluation of vulnerabilities means that organisations can be on the front foot and begin hunting for attackers threatening their day-to-day operations.
As attackers become increasingly creative, launching more complex and considered attacks, the detection route that so many organisations choose is struggling to keep up with the levels of sophistication. Businesses must, therefore, recognise the need for a better-designed, more comprehensive and multi-layered security structure.
Across Ireland, organisations, Government and academia must collaborate to outrun cybercriminals' innovations. In today's threat landscape, the way forward is a unified security architecture that prevents attacks before they can inflict damage. A multi-layered approach makes it harder for criminals to operate before, during and after an attack, while the right smart prevention can help rapidly uncover existing vulnerabilities and eliminate risks.
Les Anderson is vice-president of cyber, BT Global CSO
Sunday Indo Business