The latest and greatest from Sungard AS




Under Attack Part 2 – How to stay one step ahead of cyber attacks.

30th July 2014

Cyber Attacks

How to stay one step ahead of cyber attacks

Following Part 1, which explored the growing threat of cyber attacks, this article gives some pointers as to how you can best protect your organisation against malicious attacks.

Reverse engineering

One tactic successfully deployed last year by Yorkshire Bank was to beat hackers at their own game. Cyber security specialists set up ‘honeypot sites’ – dummy websites designed to attract attacks and collect data on the perpetrator. Valuable intelligence is gathered about the methods used (known as attack vectors), enabling the security specialists to reverse engineer malware and write specific ‘signature content’ (protective code) to counter attempted strikes. 

Top tips for mitigating your risk

There are several steps you can take to mitigate your risk from cyber attacks:

1.Implement security measures at every layer of your IT infrastructure – applications, network, host and base infrastructure – using tools such as web application firewall (WAF) technology, DDoS mitigation, intrusion detection sensors, deep packet forensics, anti-virus software and network monitoring services

2.Don’t make the mistake of relying on products alone to solve the problem; you also need people who can analyse the findings to build a full picture of security events being generated

3.Stay abreast of the latest vulnerabilities in order to create content that is up to date with the current threats and to be able to react more quickly to any incidents

4.Improve staff awareness of the threat – hackers can easily profile an employee via social media and craft a convincing email enticing them to click on a link, thus unwittingly exposing your entire network

5.Put escalation procedures in place for any suspect emails and ensure these are well publicised

6.Counter the chance of confidential data being compromised by a disgruntled employee by enforcing strict internal controls 

7.Invest in threat intelligence – some hacking groups become very vocal before launching an attack, therefore monitoring known social media sites can give you a heads-up

Through our partnership with cyber security specialist Alert Logic, Sungard AS offers a range of services to protect customers and help them comply with legislation such as PCI DSS. To find out more please contact us