Network security -- or the lack of it -- is making the headlines again.
The prognosis, say security experts, is not good. "Organizational security sucks," said security consultant Michele Chubirka, aka "Mrs. Y," at an Interop session on firewalls. Citing 2012 statistics from security vendor Trustware, Chubirka painted a dismal picture of the state of enterprise security today. Among the low points: Only 16% of network compromises are self-detected, and antivirus applications were only able to catch 12% of malware samples collected during 2011 investigations.
As might be expected, customer service records represent the tasty filling inside of many corporate networks.
As might be expected, customer service records represent the tasty filling inside of many corporate networks; to that end, of breached data investigations launched in 2012, 89% of them involved attempts to steal consumer financial or identity records.
What's even more sobering, attackers had an average of 173.5 days lurking around the typical network before they were detected, giving intruders, Chinese or otherwise, ample time to wreak havoc.
Network security solutions come in many forms
Chubirka advised Interop registrants to use multiple tools, based on frameworks promulgated by groups such as Open Security Architecture (OSA) or Sherwood Applied Business Security Architecture (SABSA). Network administrators must also document and understand critical applications' network data flows, implement a sound network segmentation policy and build restricted high-security zones for critical data and applications. Finally, Chubirka said, don't count on such tools as next-generation firewalls (NGFWs) to solve all the problems. "That's the new industry buzzword," she said. "It's not some secret sauce that will fix these problems. It won't. You have to understand that to overcome security challenges you need multiple controls. Any of them by themselves won't be perfect."
Chubirka made her presentation about network vulnerabilities on the same day that news broke about a ring of thieves who stole $45 million from thousands of ATMs in a matter of hours by using hacked prepaid debit cards. The ringleader, according to federal prosecutors: a 23-year-old from the Dominican Republic, who himself was found murdered in late April.
Network attacks growing more costly and dangerous
The organization altered the cards after breaking into the network of an undisclosed Indian credit-card company. It's not the first time a payment processor had been targeted, and as the Trustware survey indicated, it won't be the last. But as destructive and as costly as these attacks are, they're nothing compared to the damage that foreign governments or other state agents can wield.
Learn more about network security strategies
A guide to network security technologies
Using a data-centric approach to security
You don't have to break the bank
And here, at least according to a May 20 piece that examined cybersecurity in The New Yorker, the news is no less grim. National security experts told the magazine that no solution would adequately protect the nation's networks from the cyberwarfare allegedly being waged by governments in China, Syria and elsewhere.
Thus far, these attacks, whether it's an attempt to steal source code from companies like Google or a DDoS attack against The New York Times, The Washington Post and even The Onion, have been more aggravating than grave. But what happens if a foreign hacker gains control of a U.S. satellite? Or if an Air Force jet is virtually hijacked by a cyberterrorist?
For all the weapons network engineers have in their arsenal to defend against network intrusions and attacks, there's someone else out there trying to find the vulnerable underbelly through which they can launch their own weapons. What used to be the nostalgic Melinda or "I Love You" virus of the 2000s is now the far more dangerous possibility that an airplane might crash or an oil field might explode into flame.
This was first published in May 2013