Fighting back against cyber crime

by |

As the number of companies that have fallen victims to cyber-crime increases, so too does the debate on how to best combat this.

One controversial suggestion is allowing companies to use hacker-like techniques to recover stolen intellectual property and other data.

The technique involves using technology to track stolen files and then reclaim these or prevent others from accessing them, without damaging outside networks.

This concept has gained particular prominence and support in America.

A recent study, featured in The Economist, of 56 large American firms found that combined they suffered 102 successful cyber-attacks a week in 2012, a 42% rise on the year before.

The article stated a new Verizon report revealed “over three-quarters of network intrusions at companies were the result of weak or stolen user names and passwords”.

However, until a solution is identified, the best way for companies to prevent attacks is self protection.

“Instead of tooling up to fight the hackers, firms should focus on plugging the holes that let them in.”

The Department of Defence’s information security website has a number of tips for preventing cyber attacks. “At least 85% of the targeted cyber-attacks the Defence Signals Directorate (DSD) responds to could be prevented by following these four strategies.”

  • Prevent malicious software, malware and other non-approved programmes from running with application whitelisting. The opposite of blacklisting, it creates a list of approved programmes to run. 
  • Prevent bugs and viruses by patching applications, operating systems and web browsers. A patch is designed to fix programmes or update a computer system or software.
  • Minimise the number of users with administrative privileges.

 

Related articles:

Are Google accounts putting your firm at risk?

Are mobile staff a data risk?

Corporate Risk & Insurance forum is the place for positive industry interaction and welcomes your professional and informed opinion.

Name (required)
Comment (required)
By submitting, I agree to the Terms & Conditions