It was the best of cybercrimes; it was also the worst. The Lulz Security group (LulzSec) quickly became one of the most dramatic cyber-crime waves that we have seen to date. This small group of blackhats captured the media's attention with their hacking rampage that lasted for nearly two months.

For now, the LulzSec group claims to be off the air. In its wake, the authorities are working diligently to track down the individuals behind the attacks on international corporations such as Sony, on the U.S. government (the CIA and the Senate), and on a smattering of other websites.

Let's set aside the tempting David vs. Goliath angle of the LulzSec case. The fact is, after all the classes, training, patching, testing, perimeters and articles, these guys got in. They might not have made big money from such antics, but chances are that the next round of cyber attacks could cut much deeper.

While the LulzSec attacks were astonishingly quick and high profile, they are simply the latest in a series of grand cyber attacks. In previous months we found ourselves occupied by the RSA breach, attacks against PKI vendors, and the escapades of Julian Assange on WikiLeaks. After this string of malicious activity, people are really starting to question their confidence in security.

Could this be a healthy thing? Could we learn something from these very unfortunate events?

The Odds

Responses to the LulzSec attacks have been all over the map. Some organizations are on high alert; others are mindfully watching and evaluating the threat landscape. A smaller number remain unconcerned, since they still believe the likelihood of being targeted is very low. Could they be right?

At a recent security conference I attended, a panel of speakers fielded an open-ended question: “Are security professionals winning the war against cyber attacks?”

One panelist responded with a telling point: “In order to win, we need to be perfect. For a malicious party to win, he needs only to exploit one mistake.”

This truly illustrates the challenges that we security professionals face every day, night, weekend and holiday. Over-confidence and unfounded optimism could have a steep price, because the odds are stacked against us.

Dealing with Reality

Closing our eyes and telling ourselves that we'll never be attacked simply doesn't work as a countermeasure. To better protect ourselves from an attack, we must first accept that cyber criminals will eventually attempt to break in.

Once we have accepted that, the question becomes: Will the criminals find a vulnerability and successfully exploit it? If the answer is yes, then what data could be exposed and how could the criminals escalate the attack and gain access to other sensitive resources? That's the beginning of a true “defense-in-depth” strategy for countering these risks.

Defense-in-depth isn't a single action, but rather a series of technical and administrative layers designed to prevent attacks and to contain the damage should an attack occur. Defense-in-depth starts with the technical countermeasures that we all immediately think of – firewalls, intrusion prevention systems, proxy appliances, virus scanners, etc. However, it must also encompass other layers of protection such as:

  • A good software patch management process
  • Device configuration review
  • Strong security policies
  • User education
  • Code review for home-grown apps
  • Application security reviews
  • Auditing and alerting mechanisms

By taking a multi-faceted defense-in-depth approach, we can greatly reduce the potential for compromise and continue to protect our systems and data. It's about as close as we can get to our goal of perfection in a very imperfect and sometimes scary world.

Matt Lidestri manages Internet security and products for COCC, an IT outsourcing and support firm serving credit unions and community banks in Avon, Conn.


© 2024 ALM Global, LLC, All Rights Reserved.