• Phone
  • Contact us
  • Locations
  • Search
  • Menu

share

  • Add this article to your LinkedIn page
  • Add this article to your Twitter feed
  • Email this article
View or print a PDF of this page
.

"Perpetrators of these ‘advanced persistent threats’ (APTs) spend much more time gathering information than other hackers."

 

ALAN PHILLIPS, PA SECURITY expert

Constant vigilance: The key to catching covert criminals

Jane Bird
Financial Times
1 June 2012

 

PA’s Alan Phillips, security expert, is quoted extensively in an article in the Financial Times as part of a special report on cyber security. The article looks at computer crime and how, although much of this is opportunistic and random, some cyber attacks are focused and target a specific individual or organisation

Alan says: “Perpetrators of these ‘advanced persistent threats’ (APTs) spend much more time gathering information than other hackers.” 

The material could be about operational activities, staff members, IP addresses, even job advertisements. “By the time they launch the attack, they have a high degree of success,” Alan says.

Alan talks about how APTs can be hard to spot and says it is like having an invisible man in your house: “You only see him if he leaves muddy footprints.”

Alan goes on to advocate “dynamic” defence – making frequent small changes to system configurations to thwart offensive techniques. He recommends regularly testing defences and instant response plans, “so people know what to do when something does happen”.

He also advocates logging and monitoring as much detail as possible around sensitive data, “so you have the forensic information to work out what’s gone wrong – otherwise, you might suspect a breach for a long time without being able to discover it”.

Staff should be discouraged from listing their technical skills on sites such as LinkedIn, because this might give away operational activities, Alan says. Criminals can work out what software you are running.

Alan also suggests staff should not use their work email addresses and IDs on public websites such as help forums. Another simple precaution that is often overlooked is removing default, factory-set system passwords.

You can read the article in full here.


To find out how PA can help your organisation tackle the challenges of cyber security, contact us now or click here for more information.

   
Corporate headquarters
123 Buckingham Palace Road
London SW1W 9SR London SW1W 9SR
United Kingdom
Tel: +44 20 7333 5865 Tel: +44 20 7333 5865
contact us now

NEWS UPDATES

Sign-up to receive company updates and press releases by email or newsfeed:

SIGN-UP

 

By using this website, you accept the use of cookies. For more information on how to manage cookies, please read our privacy policy.

×