Innovative attackers
"Many of the organisations breached have invested in layered security at their network perimeter, and have the latest technologies deployed. Unfortunately, attackers are constantly innovating and have access to many of the defensive technologies used today. This allows them to develop methods to circumvent these technologies as quickly as they are being deployed, rendering many of them useless," explains Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks.
"Locking down the perimeter of the network to keep threats out is virtually impossible given modern working practices, BYOD, control applications, billing interfaces and partner connectivity. This list does not include what is often the weak link, from a security perspective: the human element. Once inside a network, attackers often have a significant period of time to move laterally, establish resilient connectivity and accomplish their goals discreetly," he adds.
A critical concern is that while the sophistication of attackers is variable, the energy sector occupies a unique position within critical national infrastructure and both national and global economies, making it a mark for ideologically and politically motivated attacks. Thus, attacks are at times aimed purely at causing disruption rather than at financial gain for the attacker.
Hamman points out that preparation is key: "While deploying additional technologies to detect or block the latest threats as they enter networks is the approach many organisations continue to take, it is only effective at dealing with the majority of attacks. A determined adversary will, however, eventually get through these defences."
What is needed, he stresses, is to detect any incursion or anomaly as quickly as possible, wherever it occurs. "Augmenting broad visibility with deep visibility at key locations through packet capture and meta-data extraction can allow the identification of more specific threats, and access to relevant forensic data to aid investigation. But the data produced needs to be accessible and usable by our security teams," states Hamman.
It therefore becomes imperative that security solutions maximise the effectiveness of scarce security resources and promote workflows that remain oriented around the goal - reducing business risk from cyber attack.
Arbor solutions use visualisation techniques to allow speed-of-thought navigation through large volumes of data, reducing the time spent in the threat validation/investigation process to free up time for more proactive, focused identification of potential problems which may otherwise have gone unnoticed.
1. Always-on network perimeter protection from DDoS attacks - threats such as DDoS and other cyber-attacks need to be detected and blocked before they escalate into costly service outages.
2. Cost-effective internal network visibility and threat detection - the greater your visibility across internal network operations, the better your ability to detect suspicious or malicious activities wherever they occur.
3. Security analytics - speed up the investigation and triage of security events and augment existing threat detection processes with a more proactive 'hunting' approach. Attackers are innovating constantly; maximise the effectiveness of your security resources to counter this innovation by giving them interactive visualisations of key security data, so that threats can be identified, understood and contained more quickly.