Thursday, May 8, 2014

[infosecurity-magazine] World’s Most Advanced Hackers are in Russia and Eastern Europe

At Infosecurity Europe 2014, Eleanor Dallaway caught up with Ross Brewer, vice president and managing director for international markets, and Mike Reagan, CMO at LogRhythm to talk insider threats, and the global threat landscape…

As MD for international markets, LogRhythm’s Ross Brewer is well versed in the latest geographical trends and targets. “Germany is a big target at the moment”, he told Infosecurity. “It is a manufacturing country with amazing IP. It’s a country conscious of monitoring its population too much with a focus on employee privacy, and this is not lost on the hacking community.” German IP is therefore a target and tends to end up in Asia, according to Brewer.
As an emerging market, the Middle East positioning itself as ‘the destination’ is also a target, Brewer said. “The biggest threat to Europe comes from Eastern countries where the most experienced, most capable hackers are. The most advanced hackers on the planet reside in Russia and Eastern Europe.” Threats from Asia tend to be less stealthy, however, Brewer declared. “So whilst the most obvious threat comes from Asia, the most real threat comes from East Europe.”
LogRhythm’s Brewer also flagged the French market as vulnerable, notably “because they buy all their technology from within France, but forget they’re plugged into a global internet which leaves them exposed.”
Brewer also addressed Africa. “As technologies become more pervasive and wireless more common in Africa, there will be increased threat activity. At the moment, the African infrastructure is not on the same level as the rest of the world, with power and technology intermittent, but as that increases, so too will the threat”.
“Critical infrastructure is the target now, in every country”, Brewer toldInfosecurity.

The Pervasive Insider Threat Problem

recent survey of 1000 IT professionals, conducted by OnePoll on behalf of LogRhythm, found 36% of IT professionals believe employees would access or steal confidential information, yet 38% do not have, or know of, any systems in place to stop employees accessing unauthorised data.
In a corresponding survey of 200 employees, 47% admitted to having accessed or taken confidential information from the workplace. “In more than three quarters of these cases, they were not caught”, Reagan told Infosecurity. “And of the minority that were caught, there was no consequence or disciplinary action.”
What’s surprising about the results, said Reagan, “is the size of the visibility gap. There has been enough high-profile breach action for everyone to know that there is a big problem, there’s a growing abundance of information that shows what the problem is, so it’s baffling that the majority of organizations aren’t putting adequate systems in place.”
The problem, agreed Brewer and Reagan, is the high-privileged access to data that organizations are giving people. “It’s not if you’ll be breached, but when. Those that aren’t taking action will be forced to by share-holders eventually.”
The report results cite the insider threat as a bigger security risk (31%) than external threats (29%), yet the general consensus suggests that not enough importance is being placed on containing it, with 37% feeling like their business could do more to safeguard information from employees. “It will take legislation to drive this home. It could even take lives being cost before action is taken”, said Brewer.
Comparing the potential damage from the malicious insider threat versus the accidental, Brewer is clear that the deliberate threat is likely to be more catastrophic. “The accidental exposure of information is not used or deliberately targeted, so the consequences are less severe. Targeted crime is more concerning and causes more damage.”

No comments:

Post a Comment