Recent Hacks Highlight Need For Intelligence Threat Detection
September 2018 by Digital Pathways
The recent cyber-attacks on both British Airways and Stena Line highlight the growing need for any entity that stores sensitive information to install intelligence threat detection software, in order to try to avert hackers before they cause damage.
British Airways saw some 380,000 passengers’ card details accessed, whilst Stena Line had 800 of its staff’s bank accounts and personal details taken.
In the case of Stena, it appears that hackers gained access via ‘phishing’ emails, whilst there is concern that British Airways’ Payment Card Industry (PCI) compliance may not have been robust enough. As a result of the attacks, both could face major fines under the GDPR, should they be seen not to have had sufficient data security in place.
“There is no doubt that cyber-attacks are going to increase and become more and more sophisticated”, says Colin Tankard, Managing Director of data security company Digital Pathways.
“Because of this, installing robust intelligence threat detection software becomes a ‘no brainer’”.
Advanced threat detection (ATD) goes beyond basic security analysis. It works at a deeper level in order to fix vulnerabilities and help prevent cyber threats before they take hold.
Traditional anti-virus software focuses on known ‘signatures’ of malware that could cause damage or leak data. Such a system recognises the program and stops it, putting it into quarantine. However, modern threats tend not to have a signature and do not look like a program, and so go undetected by anti-virus.
Even odd data movement can be disguised by these programs, making it look legitimate. For example, the data flowing out could be seen as a normal batch process being undertaken by a website, say, transferring user data over to a billing system.
Adds Tankard, “Fileless attacks often go undetected. It is vital, therefore, to have a system in place that can instantly recognise the threat once it is revealed and is able to take the necessary action to stop it. Otherwise, the data will be gone before anyone knows about it”.
Tankard continues, “I find it very telling that some of the companies that have suffered from the most recent data breaches have chosen to ‘go public’ with the news. This would indicate to me that the data was not robustly encrypted, as under GDPR, if the data is encrypted, it is only the Information Commissioner’s Office (ICO) that need be notified.
“Encryption is the only technology outlined as essential in the GDPR; I find it amazing that so few companies have deployed it where sensitive data is held, even for a short period of time.
“Companies need to get smart quickly when it comes to data security and deploy systems to meet today’s challenges, not rely on traditional measures or, worse still, think it will never happen to them!
“Sadly, it is not a case of if you will be hacked, it is when!”