Businesses need to look at security as a military operation

By , Network World |  Security, interop

Hensley says he is uncertain how malware infiltrated the target networks, but they did so with instructions to find certain files. Once they did they contacted a command and control server hosted in a cloud provider's network which downloaded HTML files instructing the malware to send the data to six Internet drop sites, two in the U.S. and four in China, where they were picked up.

CISOs should perform internal penetration testing to find whether employees are engaged in attacks against their own employers, Hensley says. He cited the case of the hacker activist group Anonymous that called for a volunteer-based distributed denial-of-service attack against specified targets using a tool called Low Orbit Ion Cannon.

He says a client of SecureWorks found that employees downloaded LOIC to their work PCs and let it launch distributed DoS attacks. SecureWorks notified all its other customers about the case so they could be on the lookout. "Needless to say, the people who did it were fired," he says.

Read more about wide area network in Network World's Wide Area Network section.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

SecurityWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness