ESET: 5 steps for companies hit by a cyber-attack

As modern business relies more and more on digital technology, and with incidents of cyber-attacks constantly increasing, the protection of corporate data becomes even more important.

Denise Giusto Bilic, Security Researcher at ESET, advises companies and organizations that have been attacked to take five key steps in order to protect their important resources.

Step 1: Determine the scope.

Companies that have been attacked usually rely on intuition to assess the situation rather than analyzing the problem. If the company has invested in the development of robust Emergency Management Systems, it can quickly gather data that will lead to credible assessments and answer the first important questions: which systems have been compromised, and in what way? Is the infection confined to only one part of the network? Has data been leaked? Are we talking about corporate data or personal data about employees and/or clients?

Step 2: Ensure business continuity.

In the event of a leak of information likely to endanger workers or customers, they must in principle be informed and warned. If the company has backed up its records and already has an action plan, it can immediately return to its regular pace of customer service.

Step 3: Limit the infection.

First, the … and/or the part of the network that has been compromised should be isolated. If it is found that the communications used for the attack are encrypted, the keys will have to be located with the help of reverse engineering techniques, whereas, if the communication takes place over non-confidential protocols such as HTTP, locating the … that the attacker uses will be easier. In both cases, the goal is to create firewall rules to quickly establish a first line of defense. The extent to which the company has invested in preventive mechanisms and threat detection, and whether it uses a comprehensive security solution, will determine its ability to respond in this critical phase.

Step 4: Eliminate infection and attack.

The removal of the malicious … is a complex process. The first stage involves detailed analysis of the code to understand how it works, something that antivirus solutions do automatically, saving valuable time in the response process. It is important to remove any malicious remnants and eliminate the vulnerability through which the attack took place, to strengthen the analysis of packets transmitted over the network, to review the firewall settings, to change the … on corporate networks and to update the keys. At this point, it is worth determining whether the infection was the result of simple carelessness or part of a targeted series of attacks.

Step 5: Learn from any errors.

A thorough investigation of what happened can be an opportunity to improve procedures within the company. Removing any vulnerabilities, the existence of which was previously unknown, is an opportunity to identify other points and strengthen the defense. It will also show elements of the system design that need to be strengthened, and reveal the weak points that exist in the current defense so that a stronger one can be designed.


Written by Dimitris
