What can organizations do to protect themselves from cyber attacks?

The destruction, the billions of dollars of damage caused by cyber attacks that are increasingly expanding around the world in terms of scale, ways and levels of danger, makes organizations government, businesses, small or big, have a headache to think about how to deploy, how to invest to protect their digital systems in general, as well as the amount of valuable information stored inside those systems in particular. For a long time, network security experts have fully exploited the effects of firewalls, erected to prevent unwanted traffic, as well as setting decoding targets on the system. Its network to distract hackers. In addition, they have been constantly scouring, or rather, promoting remote defense measures against possible attacks, in order to provide a suitable countermeasure to help minimize such Maximum damage can happen to themselves and their customers. However, it also shows that the sad fact is that security experts are always passive in terms of hackers, so the pressure placed on their shoulders is extremely large.

At the present time, although many managers and officials in the field of information security are beginning to think about furthering their defensive activities by taking more proactive measures. However, we can also see the emergence of some extreme measures in the area of ​​active defense, which highlights a method sometimes called "hack back - attack. go back "into the enemy system to gather clues about what they are doing, prevent the attack or even delete the data and damage the attacker's computer.

What can organizations do to protect themselves from cyber attacks? Picture 1

1. The provisions of the Criminal Code relate to the field of information technology and telecommunications networks

Many studies of the benefits and limitations of various positive defensive measures have been conducted. In particular, the highlight is the work of security experts Danuvasin Charoen from Thailand National Development Management Institute and Kalea Miao, a scholar of Kelley University of Business (Indiana University, USA). ). This research has found an amazing number of companies and government organizations - used a variety of ways to take a more active role in their network security activities, but questioned. The problem lies in the fact that organizations are rarely ostentatious about the measures they use.

Take initiative

Looking at the surface, it seems like "The best defense is a good offense" - Sometimes the most effective defense is to actively attack, accurately describing the security situation, network security at the present time. As we all know, the damage caused by network attacks can be very terrible. In May 2017, a complex cyberattack called WannaCry staggered the IT world. Specifically, this attack has affected hundreds of thousands of computer systems around the world and caused losses of more than $ 4 billion for data recovery costs and systems' productivity in status. original Less than a month later, another attack, called NotPetya, caused damage to the global shipping company Maersk by $ 300 million . And there were many other serious cases.

What can organizations do to protect themselves from cyber attacks? Picture 2

Facing the risk of facing huge losses from cyber attacks, some companies have considered strengthening their defenses to be one of the top concerns. Large companies, with sophisticated security systems, know what is needed to protect their customers, networks and valuable trade secrets. In addition, these companies also have high-level employees, possessing the necessary security skills to track hackers' activities and even infiltrate the attacker's own system. But the moral issue and the meaning of justifying a cyberattack is to defend often quickly complicated and become a fierce debate.

1. The Internet is experiencing a huge problem with C / C ++, causing developers to "sweat"

The boundary between the concept of attack and defense in this case is often unclear, for example, exactly who is behind an attack? - uncertainty, guesswork can last for days, months or even years. So how should the goals of back hack attacks be understood? Suppose, what would happen if a US private company believed that they were being attacked by a Chinese government-owned company, and if the US company carried out a hack back then it would be Can it be considered a confrontation between two countries? And if worse, how does this hack back attack actually be shadowed by some kind of ploy, how will the relationship between businesses or larger countries be affected? In general, companies and organizations should not be empowered to start a global cyber conflict, which can have serious consequences, both online and offline.

Of course, it is important to think about what might happen if a country allows its companies to attack against government or company efforts of other countries. For example, with the United States, many US companies may become victims of cyber attacks, while the legal provisions for fairness of these companies are extremely limited.

Attack the network and the legal system

What can organizations do to protect themselves from cyber attacks? Picture 3

At the present time, hack-back is considered illegal in the United States and many other countries around the world. Specifically, in the United States, the provisions of the Fraud and Abuse Act make it illegal to access another computer without permission. In addition, G7 members, including Thailand and Australia, also consider hack-back to be illegal and prohibited. In 2018, more than 50 countries (excluding the United States) signed a deal, which stipulated that private companies based in their countries were not allowed to hack - back even if it is clear who hacked your system.

However, those who support hack-back tactics are also pushing their message. In a move at the 2016 US presidential election, Mr. Donald Trump, a Republican candidate, who is currently the 45th President of the United States, promised to ensure "users have the right to self defense to deal with hackers when they feel fit ". In March 2018, Georgia's state legislature passed a bill that allowed "proactive defense measures to be designed and implemented to prevent or detect unauthorized computer access behaviors". However only two months later, Governor Georgia Nathan Deal, backed by major technology companies, vetoed the bill because it thought it could cause "national security concerns." and abuse for potential future offenses. ' If it really becomes a law, the Georgia state bill is still unlikely to be widely adopted because it is in conflict with the federal Computer Fraud and Abuse Act.

1. Malware and user security bugs are found in top free VPN applications

Earlier, some Washington lawmakers also offered companies that were allowed to take active defensive measures. In 2017, Mr. Tom Graves, Georgia state representative, proposed the Act of Active Cyber ​​Defense Certainty Act, allowing companies to participate in some active defense measures, including conducting surveillance of potential attackers, provided that they must notify the FBI in advance and commit that this action does not threaten "public health or security". this law cannot be passed and is gradually forgotten. In general, active defense is still illegal in the United States and other parts of the world!

Of course not all countries prohibit hacking back. A prime example is Singapore, in Lion Island, companies have the right to use and implement proactive defensive measures in an effort to prevent, detect or counter specific threats. , is and can happen to its important infrastructure, including the financial sector. Some other countries, like France, have a rather strange management: Do not allow private enterprises to participate in active defense, but keep this mode as an option for government organizations. .

In short, organizations can, and should, be encouraged to take passive defensive measures, such as gathering intelligence about potential attackers and reporting illegal intrusions. Active defense, in some ways, may lead to instability in international and business relations.

1. IBM developed a new technology to patch security holes