April 20, 2010, 11:39 AM — Targeted cyberattacks of the sort that hit Google Inc. earlier this year are testing enterprise security models in new ways, and they represent an imminent threat to sensitive corporate data.
State-sponsored groups with deep technical skills and computing resources have long been directing such attacks against government and military targets. However, Google's disclosure in January that its network was attacked by China-based hackers stoked long-standing fears that cybercrooks would expand their horizons and start aiming targeted attacks at commercial networks.
Some experts say it's likely that widespread attacks have already begun. "If you have not yet identified systems within your enterprise that have been compromised through these advanced attacks, you probably are very lucky -- or you aren't looking closely enough," said Amit Yoran, former director of the U.S. Department of Homeland Security's National Cyber Security Division and current CEO of security vendor NetWitness Corp.
Unlike the e-mail- and network-borne worms and viruses that have been hitting corporate networks for years, targeted attacks are stealthier and virtually impossible to fully block. Hackers typically rely on sophisticated social engineering techniques to break into networks, maintain access to them without detection and continually snoop out and steal sensitive information.
Some security pros suggest that IT managers are better off focusing on mitigating damage from targeted attacks instead of trying to prevent them.
Sean Arries, a researcher at Terremark Worldwide Inc., a Miami-based provider of IT infrastructure services, said traditional security measures, such as signature-based anti-malware tools, can't prevent targeted attacks because the perpetrators often take advantage of zero-day threats for which there are no known defenses.
Instead, he said, companies should take steps to strengthen their ability to detect intrusions and to respond quickly. Arries noted that a gusher of data going out over the network, for example, is a sign that something's amiss.
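One way to turn the "gusher of outbound data" signal into a check, shown as an added example that is not from the article or from anyone quoted in it: each internal host's daily bytes sent to external addresses are compared against that host's own history. The record layout, host addresses, byte counts and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median

MB = 1_000_000
# Constructed sample: (day, internal host, bytes sent to external addresses).
_A = [48, 52, 50, 47, 55, 51, 4200]        # workstation, spike on last day
_B = [300, 310, 295, 305, 290, 315, 320]   # proxy, steady high volume
FLOWS = [(f"2010-04-{i + 1:02d}", host, mb * MB)
         for host, series in (("10.0.0.5", _A), ("10.0.0.9", _B))
         for i, mb in enumerate(series)]

def daily_outbound(flows):
    """Sum outbound bytes per host per day (several records per day are fine)."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, host, nbytes in flows:
        totals[host][day] += nbytes
    return totals

def flag_spikes(flows, threshold=6.0, min_days=5):
    """Return (day, host, bytes, score) where a day's volume sits far above
    the host's own earlier days, measured in robust deviations."""
    alerts = []
    for host, per_day in daily_outbound(flows).items():
        days = sorted(per_day)
        for i, day in enumerate(days):
            history = [per_day[d] for d in days[:i]]
            if len(history) < min_days:
                continue  # not enough baseline to judge this host yet
            med = median(history)
            # Median absolute deviation, floored at 10% of the median so a
            # very flat baseline does not turn small wobble into an alert.
            mad = max(median(abs(v - med) for v in history), 0.1 * med, 1)
            score = (per_day[day] - med) / mad
            if score > threshold:
                alerts.append((day, host, per_day[day], score))
    return sorted(alerts)

if __name__ == "__main__":
    for day, host, nbytes, score in flag_spikes(FLOWS):
        print(f"{day} {host} sent {nbytes / MB:.0f} MB (score {score:.0f})")
```

A per-host baseline matters here because a fixed byte limit would either alert every day on the busy proxy or miss the workstation that suddenly sends many times its normal volume.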