We’ve discussed so far in this series protective and preventative measures that small business leaders can take to secure their environment against viruses, malware, and cyber attacks. Methods ranging from anti-virus software updates to stronger password protection and strengthening the wi-fi network to penetration testing are some of the major ones we’ve outlined. However, as we’ve said before, trends are also showing that hackers are becoming more patient and sophisticated in their methods. As cyber criminals up the ante in the scale of their attacks, how will businesses be prepared to respond, especially in cases of all out cyber warfare? Some have suggested that we haven’t seen anything yet, in terms of where this can all lead. The words of one analyst are well-intentioned and should be taken seriously: “The potential for a cyber pearl harbor exists. Security professionals and the U.S. government have predicted it. The question is, will businesses take the threat of cyber warfare seriously and make it a priority in their budgets? Fair warning…”
These points raise the level of urgency around how businesses should deal with episodes of cyber crime. What about letting them “hack back”? Well, this discussion is heavily debated right now and there are risks and legal implications. An organization might, for instance, investigate a server it believes contains stolen data only to find out it’s the wrong one. Nevertheless, there is certainly a basis for taking a much more proactive stance against cyber attacks, especially when those attacks last days on end. Small businesses need to be able to take proactive stands to halt attacks rather than passively absorb them.
In the world of cyber security the trend has certainly been on defensive and protective measures. But there certainly is a growing awareness of the need for more proactive and offensive techniques in relation to cyber crime. Ronen Kenig is representative of this new and emerging view towards cyber security – one that insists on taking much more proactive measures. His recommendations provide some points well worth considering, and are outlined in summary below.
- Setup an emergency response team who can detect and respond to attack campaigns 24×7 as long as is required. Cyber attacks should not be absorbed but dealt with vigilantly. Equip your team with skills to investigate who the attackers are and what their motivation is.
- Catalog all of the tools, techniques and methods of attack used by hackers in previous campaigns and use this information to guard against future breaches.
- Hire and or train ethical hackers or “white hats” who are skilled with hacking techniques and who can quickly detect and understand which attack tools are being used in order to anticipate next moves.
- Perform hacking counter measures in order to show where the weaknesses reside in a hackers tools of choice, and exploit those weaknesses for your own defense.
- Setup a hacker’s blacklist and work with your internet service provider to block these attackers before they can breach your network.
In the final and last part of this series we’ll highlight the main points discussed and outline some final takeaways that businesses can adopt today in order to remain vigilant and proactive in their fight against cyber crime.