The two infamous hacker groups LulzSec and Anonymous have joined hands in forming a new campaign against the different government organizations and banks. Their goal is to infiltrate into their system and publish secret emails and confidential data and information of Governments, banks and other high ranking institutions to create awareness of what the hackers believe to be corruption and limitation of freedom.
“The need to raise the security bar – by enhancing an IT platform’s ability to detect and prevent malicious code from `breaking through’ the network perimeter – has never been greater”, according to Idappcom’s CEO Ray Bryant.
The governments of the UK and US know very well now that this data is the new currency which acts like reasons why hackers feel inclined to attack increase in finances. Even though they claim to be battling evils like corruption or fighting for a cause like freedom, the data they steal, if gone in the wrong hands can prove to be detrimental to a country’s well-being.
The Serious Organized Crime Agency (Soca) became the latest victim of a distributed denial of service (DDoS) attack which has been developed to shut down websites. Soon afterwards LulzSec said that they have “blissfully obtained records of every single citizen who gave their records to the security-illiterate UK government for the 2011 census.”
Even though, this latest attack did not do much damage, a tweet made today by the group warned of further attacks that will be very serious. Even if no potential harm is done to the systems and information, a significant damage is triggered to the faith we put in different institutions which run on tax payer’s money.
“Against this backdrop there is a clear and present need to defend any organisation’s IT platform as never before. This can only be achieved by raising the security bar at the point where traffic enters and or leaves you network”, said Bryant.
“In most western countries government departments are faced with the largest cuts, austerity measures, they have faced for many years. Whilst there has been specific funding promised to create projects that look at the issues the cuts are today and that presents a real problem for government departments today. How do you increase the security effectiveness without purchasing new equipment or recruiting additional expertise. This can be done, raise the security bar, make what you have work harder and efficiently”, he continued.
Either buying new security equipment or thinking of getting enhancements for already working defenses, a ‘must have’ list of using tools which make sure that the equipment you purchased is working in its optimum condition.
There are a number of ways to improve security. Providing the staff with proper training to make them more alert for security, ensuring that all the devices which the network is linked to are secure, desktop protection is updated and border defense is the forerunner in this fight. Efficient and sharp IPS/IDS/Firewalls.
“The recent and promised future attacks are all based around Denial of Service”, so Bryant. “ Future attacks may be combined with evasion techniques but they both be countered and resolved by using automated tools for audit and Penetration testing of your perimeter defences to ensure they are configured to detect effectively and that your security rules are doing the job they are supposed to. Ensuring your perimeter defences are always operating at the highest level is the best form of defence. This does not mean that you have to slow down your traffic, the same tools can be used to tune your Intrusion detection to be more efficient”.
Making the IDS/IPS/Firewall platform more efficient should begin. IT management has the advantage of increasing their status with smart techniques and practice. Learn to differentiate between a threat which comes from the outside and the risk which comes from the inside.
Idappcom Ltd. is a privately owned UK company which came into being in 2004. Their main goal is to present users with state of the art IT security and application security and management. The main service, Traffic IQ is a risk assessment tool and is widely used by security personnel across the world. Customers consist of all security appliance vendors, independent appliance testers, Military establishments, Telecoms organizations and many others in different fields of industry.