12/1/2012
By Joe Goldberg, Splunk
Advanced cyber-security threats, whether they are criminals, hacktivists or nation states, are breaching organizations at an alarming rate. Aided by time, persistence and smarts, they adeptly penetrate an organization and exfiltrate confidential data without alerting traditional security software tools.
How is this possible? They use spear phishing and social engineering to leapfrog hardened perimeters. The perpetrators also rely on custom, constantly changing malware to avoid detection by traditional anti-malware solutions. Websites exist where hackers, for a fee, can upload their custom malware to test it against dozens of commercial anti-malware solutions. Hackers can then have confidence that when they use their custom malware, it will avoid detection. Once in an organization, the hackers use tools such as keyloggers and password hash crackers to obtain legitimate, privileged credentials and move with impunity. The hackers typically infect dozens of machines with a variety of backdoors, so eradicating them is difficult. That’s the bad news.
Spotting the Criminal
Before you throw your hands up and wave the white flag, there is an unavoidable weakness of advanced threats that you can exploit.
Please continue reading on WIRED
