The recent article, “China Hackers Hit U.S. Chamber,” in the Wednesday, December 21, 2011, online version of the Wall Street Journal highlights yet another in a growing list of cyber attacks against US companies.
According to the article, the attack apparently started with a spear phishing scheme and social engineering tactics targeting a single employee in 2009. The attack followed a typical path of spreading to other systems, hiding behind credentialed activity, creating backdoors for access, reporting back to the attacker weekly, and granting the attacker remote access to Chamber member information and business policy documentation. The bad guys even gained access to an HVAC system at a housing unit owned by the Chamber.
There are some notable takeaways from the WSJ article and an article on the same attack on Businessweek.com:
These articles articulate the problem very well, and make clear that the traditional approaches to fighting cyber attacks are no longer sufficient on their own. New strategies are needed to have a fighting chance in the cyber security arms race.
One weapon that organizations have, but may not even be aware of, is data. The volume of data generated by the activity that happens behind credentialed user activity is huge. Mining that massive amount of data in real time can reveal abnormal activities and user behaviors that security professionals can use to pinpoint potential threats that other traditional security and SIEM solutions are unable to detect. Security is a Big Data issue and needs a Big Data solution. Using a Big Data system with a robust analytics language, security personnel can more easily spot anomalies (potential threats) to investigate further, ‘ask questions’ of all the collected data generated by every piece of technology used by the organization, and use visualizations to better understand normal activity and unearth abnormal activity. Such a strategy is the only way to understand what you don’t know because, as these articles illustrate, what you don’t know CAN hurt you.