Adversaries can be kept at bay by being identified and given a 'fingerprint' to ensure you know where they are.
Speaking at the Infosecurity Europe 2013 conference, Nawaf Bitar, general manager of the security business unit at Juniper Networks, said that the Sony attacks of 2011 were a major problem as the same attackers kept coming back.
“If this happens, something has gone wrong with the security and you have to do something different," Bitar said.
“I am not a fan of anti-virus, and what tests show is that for 40 anti-virus systems, there is a five per cent catch rate and we have to bolster our defences, but how do we get 95 per cent protection?”
Bitar said shoring up defences can deter attackers from returning.
“With a fingeprint there is a probability that you can identify them and you can do something with them ... I think that this would have stopped the Sony attacks.”
“You can [identify attackers by looking] at the characteristics of their device, what fonts they use, what patches they have not installed and their IP address among others. With that you can push the fingerprint to the cloud and share the details.”
He explained that the attacker is not aware that they have been identified as they will not know which characteristics you have to detect them and short of wiping their device – desktop, laptop or mobile – they will find it hard to shake the fingerprint off.
Bitar further told SC Juniper was very willing to share the information with partners as well as users, and it had signed an agreement with RSA Security for their Spotlight Data product.