http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/232900905/security-teams-need-better-intel-more-offense.html By Robert Lemos Contributing Writer Dark Reading April 24, 2012 The recipe for a cyberattack is straightforward: Attackers gather intelligence on the target's systems, research vulnerabilities, exploit those weaknesses, gain control of the systems, and conduct post-exploitation operations. Yet, for the first three parts of attackers' operations, most defenders do nothing. Only after attackers act on a corporate network -- the fourth step -- does a victim's security team becomes aware of the attack. In a presentation at the SOURCE Boston security conference last week, independent security consultant Iftach Ian Amit told attendees that defenders need to do better. "We are basically just waiting to be attacked," he said. Increasingly, security experts are recommending that companies become more aggressive in gathering information on their attackers. Companies need to gather or buy intelligence on adversaries and should consider more active counter intelligence operations, Amit said. Rather than hunker down behind the firewall, like defenders of a medieval castle, security analysts should explore the landscape. To match attackers' first steps, defenders should model their organization's threats, gather intelligence and correlate the data to pinpoint possible threats, he said. "We can be much more active" in defending our networks, Amit said. "Counter intel is fair game ... Everything around is yours; you better know everything that goes on out there." [...] _______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.orgReceived on Tue Apr 24 2012 - 22:53:51 PDT
This archive was generated by hypermail 2.2.0 : Tue Apr 24 2012 - 22:55:08 PDT