Newsletters
Customer Relationship Management News NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home CRM Systems Customer Service Business Intelligence Sales & Marketing More Topics...
Data Security
Tame your scariest paperwork. Find Out How
Average Rating:
Rate this article:  
Enterprise Lessons from Anonymous
Enterprise Lessons from Anonymous' World Cup Threat

By Jennifer LeClaire
June 3, 2014 10:29AM

Bookmark and Share
Anonymous is taking on the World Cup, threatening to launch cyberattacks on its sponsors. To deal with Anonymous' threats, World Cup sponsors and all businesses need to take a gaming frame of mind when they build their cybersecurity practices -- it's about the game play, not the technology, said TK Keanini, CTO of network security firm Lancope.
 



Anonymous isn’t making as many news headlines this year as it did in years past, but the hactivist organization is alive and well -- and making threats to launch cyberattacks on sponsors of the World Cup in Brazil.

“We have a plan of attack,” a member of Anonymous who calls himself Che Commodore, told Reuters. “We have already conducted late-night tests to see which of the sites are more vulnerable . . . This time we are targeting the sponsors of the World Cup.”

Reuters admits it had no means of confirming Commodore’s identity or his affiliation with Anonymous and reports that the sponsors did not immediately respond to requests to comment on the threat. But what can enterprises learn from this global headline?

Are You Ready?

We caught up with TK Keanini, CTO of network security firm Lancope, to get his take on the Anonymous moves. Regardless of threat profile, he told us an event of this magnitude needs to have a heightened level of readiness to a physical or cybersecurity related event.

“By the time a group like this makes a public announcement, much of the infiltration phase has already been done,” Keanini said. “These threat actors are smart and they don't start to show their cards until they are well into the operational phase of their campaign.”

Keanini stressed that events like the World Cup require hundreds of interconnected businesses all of them need to be prepared. Offering the hard truth, he said if your business is connected to the Internet you should be prepared for cybersecurity events because they are likely to have already happened -- you just don't have the tools and techniques to detect them.

“When we consider the World Cup and the level of talent competing, it helps us frame the challenges many face in cybersecurity,” Keanini said. “It is not as much about the technology, as it is about the game play and talent where as soon as one side makes a mistake, it is exploited by the other team.”

A Gaming Frame of Mind

This is the same thing that happens in cybersecurity and in some cases, he said, the adversaries have an overwhelming advantage in terms of talent. His advice: businesses need to take a gaming frame of mind when they build their cybersecurity practices -- it is about the game play, not the technology.

We also asked Tom Cross, Lancope director of security research, for his take on the Anonymous news. He told us distributed denial-of-service attacks often come into play in public controversies and protests. At this point, he noted, preparation for denial-of-service attacks should be standard practice for any organization with a large, mission-critical presence on the Web.

“However, every organization with an Internet network can do their part to make sure that they don't have services running on their network that can be leveraged by attackers for traffic reflection and amplification,” Cross said. “DNS servers, NTP servers, SNMP services, voice over IP services and XML-RPC ping back services in particular should be checked to make sure that they don't provide a spring board for denial-of-service attacks.”
 

Tell Us What You Think
Comment:

Name:



You have the experience and skills, let an ISACA® certification demonstrate your value. Our certifications announce that you have the expertise and insight to speak with authority. ISACA certification is more than a credential; it's a platform that can elevate your career. Register for an Exam Today.


 Data Security
1.   Juniper DDoS for High-IQ Networks
2.   Google Hacker Team to Hunt Bugs
3.   Cloud Firms Offer Azure Starter Kit
4.   FBI Cyber-Expert's Humble Start
5.   Chinese Hackers Hit U.S. Officials


advertisement
Gartner Rates IT Security Companies
IBM, HP, McAfee, Splunk ranked well.
Average Rating:
Hackers Target Western Energy Firms
Appears to be state-sponsored group.
Average Rating:
IBM Uncovers Android Security Flaw
Ten percent of devices at risk.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Wall Street Journal Hacked Again
Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports that the computer systems housing some of its news graphics were breached. Customers not affected -- yet.
 
Dropbox for Business Beefs Up Security
Dropbox is upping its game for business users. The cloud-based storage and sharing company has rolled out new security, search and other features to boost its appeal for businesses.
 
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 

Enterprise Hardware Spotlight
Microsoft Makes Design Central to Its Future
Over the last four years, Microsoft has doubled the number of designers it employs, putting a priority on fashioning devices that work around people's lives -- and that are attractive and cool.
 
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 

Navigation
CRM Daily
Home/Top News | CRM Systems | Customer Service | Business Intelligence | Sales & Marketing | Contact Centers | Customer Data | CRM Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.