Global Attacks Abound
No government is safe.
There seems to be a resurgence of interest in the belief that the world is flat despite all evidence to the contrary. Cybercriminals on the other hand, understand all too well that the Earth is actually boundaryless in cyberspace and ripe for plunder on a global level, especially when governments get involved.
While the 2016 Russian hacking of the US elections has become legendary and still makes news in the courts, it appears that the US is not the only political target.
Here in Australia, the ABC reported in February:
“Canberra was shocked yesterday when the Government's top cyber security official confirmed there'd been a hack of the computer networks in Parliament House, and on the three biggest political parties, saying it was certainly carried out by a foreign power.
That power is now widely suspected to have been China. Another recent political attack was reported by the BBC in January:
“Hundreds of German politicians, including Chancellor Angela Merkel, have had personal details stolen and published online. Contacts, private chats and financial details were put out on Twitter that belong to figures from every political party except the far-right AfD. Data from celebrities and journalists were also leaked. It is unclear who was behind the attack, which emerged on Twitter in the style of an advent calendar last month."
The US-based Center For Strategic & International Studies (CSIS) has been tracking cyberattacks on government agencies, defense and high tech companies, or economic crimes with losses of more than $1 million since 2006. You can read their 34-page list of significant incidents spanning globe and quickly realise that no boundary truly exists in the war on cybercrime.
Cyberattacks Cross All Boundaries
“In cyberspace there are no national boundaries, and attackers needn’t be a country or organisation,” said William Hagestad, a researcher in cyber security intelligence at Red Dragon Rising Publishing in the US. “They can be anyone with a computer, mouse and keyboard and the will to do harm."
Because these cybercriminals operate across country boundaries, they become almost impossible to catch and prosecute. According to CSO online:
“Jurisdiction, jurisdiction, jurisdiction. This is the No. 1 barrier to prosecuting cyber crime. Most of the time, the person committing the crime is located outside of the country (or at least outside the legal jurisdiction of the court and prosecutors seeking the conviction). It’s hard enough to successfully prosecute a cyber criminal if they originate in the same jurisdiction as the victim, but close to impossible when both reside in different locations."
Prevention is Superior to Remediation
It seems to be a blatant statement of the obvious that prevention is superior to remediation, but why is it that most CISOs still rely on IT security protection instead of prevention?
At this stage, you should be considering only solutions that use deep inspection and analysis methods which can interpret and detect malicious code in real time and immediately block threats, preventing unwanted code affecting your IT infrastructure is the only way to go.
Your solution should ensure that every line of code is evaluated, making evasion techniques ineffective. Bottom line is that your organisation will be better protected from attack-for-hire services.