
Adapting to the post-Shamoon world

Phil Gardner | April 11, 2013
In my last column in CSO, we talked about how the Shamoon virus attack on Saudi oil firm Aramco signified the start of an insidious new wave of malware. Instead of quietly siphoning off data and intellectual property for financial gain, Shamoon and others like it aim to publicly cripple businesses in the name of geopolitical score-settling, an intent that makes them far more dangerous and difficult to thwart.

Still others are reconsidering their flat network architectures.

"Network segmentation is another major component of locking down the environment effectively," says IANS Lead Faculty Dave Shackleford. "Creating effective quarantine zones that only offer specific services and allow very limited communications inbound and outbound can more readily make anomalous traffic stand out."

Unfortunately, traditional tactics like implementing vulnerability scanning techniques may not prove as helpful in detecting systems susceptible to these sophisticated attacks.

"The threat of zero-day exploits is real, and there's no prescribed way to prepare for and prevent them entirely," Shackleford says. "One technique that is getting some attention today is virtualization isolation and encapsulation of endpoints, with vendors like Bromium leading the charge. However, many industrial control systems may not have the proper hardware [primarily chipset], OS level or stability, for that matter, to support this."

In other words, preparing for the post-Shamoon world is no easy feat. It requires a major defense strategy rethink as well as smart reallocation of tactical security resources and investments.

Before embarking on this set of arduous tasks, enterprises must first gauge their overall public profile to determine the likelihood that such an attack will target them. For most organizations today, the answer will be no, and they can continue to pursue more traditional defense strategies. But for those that fall into the unlucky 2 percent, now is the time to take the threat seriously and get to work.

