Tuesday, October 27, 18:42
Home security Do you want to avoid hackers? Understand your systems!

Do you want to avoid hackers? Understand your systems!

The cyber attacks targeting critical national infrastructure and other organizations are growing more and more, causing damage that can often be irreparable. However, organizations could stop them before they have an impact. A key condition for this to be possible is for teams responsible for security to better understand and understand their systems and networks. This may sound like a given, but in many cases, hackers have entered corporate systems and networks and remained in them for a long time without being detected. Some of these campaigns include attacks on critical infrastructure, where malicious hackers could cause serious damage. At this point it is important to clarify that hackers are in a strong position, precisely because those responsible for defending systems and networks do not always have a full understanding of what they are managing.

Ο Dmitri Alperovitch, executive chairman of Silverado Policy Accelerator and co-founder and former CTO of CrowdStrike, said people often tend to misinterpret attacks. In particular, he noted that such attacks do not occur at "speed of light", but often take months or years to reach the right level. access in a network, so that they are finally able to carry out a destructive act. This means that deep knowledge of a network as well as the detection Any suspicious or unexpected behavior can significantly contribute to the detection and cessation of attacks. Alperovitch noted that organisms need to spend a lot of time defending themselves in order for it to function effectively.


In particular, he stressed that if organizations look into their systems, look for opponents and have the right perception, they will be able to discover hackers even after they enter the systems, before they do any damage. Knowing what exists in a network has become even more important in recent years, as industrial environments are increasingly linked to and production sensors and monitors. The devices are useful for infrastructure providers, as they allow better monitoring of systems for efficiency, maintenance and repair, but if not managed properly, they could be weaknesses and make it easier for the intruder to access the network.

Annessa McKenzie, VP IT and CSO at Calpine, an American power company, said it was important to do precautionary testing. He also stressed that there should be a better understanding of a network so that its defender can manage it as soon as possible. infringement, as well as after. According to McKenzie, when there is no complete awareness of what exactly is going on in systems and networks, it can take days, weeks or even months for a response to a breach to occur, and it is often not clear what is really going on. He added that organizations should try to think like hackers. That is, to think about the network and how an attack could be exploited while the teams security they could reveal unexpected means that hackers could use to exploit the network. In addition, with the availability of suitable tools and with expertise, government intervention could help strengthen cybersecurity in critical infrastructure by providing an environment for organizations to share information about attacks and optimal practices to protect networks.


Michael Chertoff, a former U.S. Secretary of Homeland Security and co-founder and CEO of the Chertoff Group (a security and risk consulting firm), said they could create a platform for companies to exchange best practices and help and perhaps even host some kind of common ability to respond publicly and privately. He also stressed that the responsibility for security should not be borne only by infrastructure providers or other organizations, but that companies that manufacture specialized systems and connected spare parts used in these environments should also bear some responsibility, if proven. that they are inherently insecure or vulnerable to cyber attacks. Through a combination of this and a good knowledge of what a network looks like, infrastructure and utility providers can go a long way in preventing invasion campaigns and cyberattacks. But it certainly takes a lot of time and work to make it possible. Finally, Alperovitch said that defenders have a great advantage if they know their environment better than the opponent. However, this is not the case if an organization does not have the right tools and capabilities.


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.


How to install a .watchface file on Apple Watch

The Apple Watch lets you customize the faces of the watch to display all kinds of useful information. But did you know ...

The five biggest data breaches of the 21st century

Data is becoming more and more sought after as our daily lives become more digitized. The technology giants that monopolize data are ...

Microsoft is limiting the availability of Windows 10 20H2

Microsoft is currently restricting the availability of Windows 10 20H2 to provide all users who want to ...

How to enable the new Chrome Read more feature

The latest version of Google Chrome browser, v86, released earlier this month, contains a secret feature called Read ...

How to choose a custom color for the Start menu

Starting with the October 2020 update, Windows 10 is the default on a theme that removes bright colors from ...

NASA telescope discovers drinking water on the moon

Eleven years ago, a spacecraft changed our view of the moon forever. The data collected by ...

Microsoft: Enhances password spray attack detection capabilities

Microsoft has significantly improved the ability to detect password spray attacks in the Azure Active Directory (Azure AD) and has reached the point ...

How to prevent companies from finding our phone number

In the age of advertising, the more user information is known the more convenient it is for companies. And in particular, the ...

Violation in a psychotherapy clinic led to blackmail of patients

Two years ago, a cyber attack took place in a Finnish psychotherapy clinic, which resulted in data theft and ransom demand. Now,...

Australia: Enhances cybersecurity and privacy!

The Government of New South Wales in Australia has set up a task force to strengthen cybersecurity and protection ...