Simple fixes for advanced persistent threats

Powered by SC Magazine
 

Spend less on what you don't have and more on what you do.

Most Advanced Persistent Threats (APTs) can be mitigated by simple security upgrades, a Telstra security specialist has advised.

According to Scott McIntyre, senior technology architecture specialist in Telstra's Security Operations, the industry was undergoing "a phase of self delusion about the true nature about where the exposures are coming from".

"Most external threats, these APTs, are taking advantage of internal infrastructure and policy failures," he said, noting that he was not speaking on behalf of the telco.

McIntyre spoke at the AusCERT 2011 conference last week after he presented at the previous year's event as the security head for Netherlands ISP XS4All.

He said rather than buy the latest toolkits at the behest of the boss, security professionals should consider upgrading internal systems.

Although the high profile compromise of security company RSA was attributed to APTs, McIntyre said the "crux" of the breach was more simple, and hinged on vulnerabilities in Microsoft Office 2007.

The exploited vulnerabilities may not have been present had RSA upgraded to the 2010 version of the software, he said.

He said chinese whispers and inflated press reports were to blame for the misperception of threats and solutions.

Power to the people

Social networking should be permitted provided staff actions can be traced, according to McIntyre.

"Accountability, responsibility and traceability" are the three tenets that should underline corporate social media policies, he said.

Security professionals should also avoid prescribing security tools in high-level security policies and instead base the documents on implementation procedure, McIntyre said.

"I'm not sure if we will solve the [security] problem if it comes down to something you can put in a spreadsheet."

Copyright © SC Magazine, Australia


Simple fixes for advanced persistent threats
 
 
 
Top Stories
Abbott brings back Science minister in cabinet reshuffle
Science tacked onto to Industry title.
 
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  19%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1902

Vote
Do you support the abolition of the Office of the Information Commissioner?