Simple fixes for advanced persistent threats

By

Spend less on what you don't have and more on what you do.

Most Advanced Persistent Threats (APTs) can be mitigated by simple security upgrades, a Telstra security specialist has advised.

Simple fixes for advanced persistent threats

According to Scott McIntyre, senior technology architecture specialist in Telstra's Security Operations, the industry was undergoing "a phase of self delusion about the true nature about where the exposures are coming from".

"Most external threats, these APTs, are taking advantage of internal infrastructure and policy failures," he said, noting that he was not speaking on behalf of the telco.

McIntyre spoke at the AusCERT 2011 conference last week after he presented at the previous year's event as the security head for Netherlands ISP XS4All.

He said rather than buy the latest toolkits at the behest of the boss, security professionals should consider upgrading internal systems.

Although the high profile compromise of security company RSA was attributed to APTs, McIntyre said the "crux" of the breach was more simple, and hinged on vulnerabilities in Microsoft Office 2007.

The exploited vulnerabilities may not have been present had RSA upgraded to the 2010 version of the software, he said.

He said chinese whispers and inflated press reports were to blame for the misperception of threats and solutions.

Power to the people

Social networking should be permitted provided staff actions can be traced, according to McIntyre.

"Accountability, responsibility and traceability" are the three tenets that should underline corporate social media policies, he said.

Security professionals should also avoid prescribing security tools in high-level security policies and instead base the documents on implementation procedure, McIntyre said.

"I'm not sure if we will solve the [security] problem if it comes down to something you can put in a spreadsheet."

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?