FEATURE : CYBERSECURITY
Organizations should not discriminate between professional and novice attacks .
Instead , organizations must develop a preventionfirst cyber security strategy and be prepared to defend against all possible attack vectors by having a comprehensive awareness of all security vulnerabilities .
With cybercrime becoming more and more lucrative , how can cyber police and society as a whole combat this ever-expanding attack surface ?
The cyberpolice and government need to carry out regular horizon scans to study
Cyber resilience with a strong incident response and recovery plan are also essential for mitigating damage .
Vicky Ray , Director – UNIT 42 Cyber Consulting and Threat Intelligence , Asia Pacific and Japan , Palo Alto Networks
Educating all members of the organizations about cyber hygiene measures is also important . Solidly covering the foundations of good cyber defense can help prevent attacks by rookie and expert cyber criminals looking for a payout .
Can this model be used as a breeding ground by cyber criminals to strengthen their networks ? How can this menace be curbed at a grass roots level ?
The RaaS model and associated forums can be a training and breeding ground for cyber-criminal organizations . Threat actors or affiliates participating in a RaaS model are part of an entire ecosystem , including developers , infrastructures and services for negotiation communications , guidance on how to execute the attacks and platforms for publishing stolen data .
emerging trends , patterns and technologies used . If the landscape is regularly reviewed , the cyber police can develop new tools and strengthen their defense practices . Regular scanning of the open darknet forums to monitor and flag any developments in threat actors ’ conversations could also be implemented .
Furthermore , governments must regularly assess and enhance capacities and capabilities to effectively combat cybercrime while incorporating industry best practices and learning from successful approaches in other jurisdictions .
They also have access to open darknet forums , allowing them to gain knowledge from other members and eventually improve their skills as well as create partnerships with others .
Prolonged discussions on these open forums also grant them access to connect with higher-skilled cybercriminals . The forums may also be considered a recruitment ground for bigger cybercrime organizations .
Curbing attacks using the RaaS model requires increased education and stronger warnings of its illegality to prevent curious minds from wanting to try out the model .
For organizations , staff education on social engineering tactics and other cybersecurity practices also needs to be done , as well as restricting administrative and system access to those who need it . On top of everything , using attack surface management platforms to patch and monitor vulnerabilities may also help .
On a societal level , a strong criminal justice system , bolstered by stringent and efficient laws , will empower law enforcement agencies to adequately probe cybercrimes and acquire the necessary evidence to prosecute the individuals accountable successfully .
The procedures and processes of the criminal justice system must be agile and streamlined to effectively address emerging forms of cybercriminal activities , considering the rapidity and magnitude at which such crimes are committed . p
ORGANIZATIONS SHOULD NOT DISCRIMINATE
BETWEEN PROFESSIONAL AND NOVICE ATTACKS .
www . intelligentcio . com INTELLIGENTCIO APAC 55