October 13, 2011

Hacktivism Protectionism

By: Dan O’Donnell, VP of Business Development at Network Critical

Every few years, Webster updates the American lexicon by adding new words to the dictionary. Some of the recent additions have been “vlog” (a blog with video), “webisode” (a TV show episode that can be viewed on the web) and “staycation” (a vacation at home or close by). I believe that the next time Webster does an update, “hacktivism” will be on the new word list.

Hacktivism is the term being used to describe the criminal activity of computer hacking under the cloak of social activism. The primary targets are government and corporate networks and web sites. The primary victims, of course, are the government agencies and corporations who ended up in the cross hairs of ad hoc hacker groups like Anonymous. The collateral victims are the innocent citizens who have their accounts and other confidential personal information stolen and published by the hacktivists.

Bay Area Rapid Transit (BART) in San Francisco is the most recent example. BART cut off cell phone service at one of its stations in expectation of planned protests. This action triggered an attack on the BART web site which made public the names and addresses of BART police officers as well as personal information of many BART account holders. This growing trend of social activism through computer hacking is a huge red flag for IT risk management and security organizations.

It is a fact of IT life that all risk cannot be eliminated. New network vulnerabilities will continue to develop as a natural course of business. However, establishing a robust perimeter and monitoring network activity with vigilance is critical to minimizing the risk and associated liability of these attacks.

Because network attacks generally originate from outside the network, firewall and intrusion prevention technology is the first thought for developing a perimeter defense.

However, there is more that can be done.

Using the “belt and suspenders” analogy, Data Loss Protection (DLP) appliances can be added to the intrusion prevention solution. Network DLP can protect confidential data by monitoring transactions, identifying sensitive data and limiting movement of that data through enforcement of IT security policies. So, even if an intruder penetrates the firewall, strong data transport policy enforcement can prevent confidential information from getting out.

The final piece of this strong perimeter enforcement program is providing reliable, wire-speed network access to the necessary appliances. Connecting multiple appliances without impacting network availability, reliability or delay is accomplished by next-generation network taps. These TAPS (or Traffic Access Points) are designed to provide network failover for increased reliability as well as aggregation and filtering for efficient, cost-effective connectivity.

Network operators must protect the confidential data that has been entrusted to them by their customers and constituents. The bad news is that hacktivism is a growing trend. The good news is that there are many tools available to defend against such attacks.

About The Contributor:
Extreme Marketing Team