Kinetic & Cyber attack response from Iran?
It has been been widely reported that Iran launched its first retaliatory attack. Given that they have established hacking groups are we likely to see cyber attacks as well, and is there anything that Organisations can or should do to protect themselves?
The likelihood is that there will be cyber attacks but they may only target high profile and Government organisations. The US Department of Homeland Security released some general advice that is worth reviewing regardless of your geographical location.
If there is a cyber escalation from either side there is likely to be significant collateral damage. We have already seen this from the Stuxnet worm that was used to cripple Iran's nuclear program. Years after the original release of Stuxnet it was still being used to attack infrastructure.
So what should you do to protect yourself beyond the basics of firewalls, antimalware, patching etc.
Developed by Lockheed Martin, the Cyber Kill Chain® framework gives a clear concise path typically used by bad actors to breach the network.
To proactively defend against attacks you must be able to detect the signs as early as possible. So solutions such as our Overwatch managed service are designed around this cyber framework to detect the early stages of an attack which legacy systems are unlikely to notice.
Firewalls no matter how sophisticated get breached, antimalware does not always detect threats!
The only way to successfully defend your data assets is to understand what traffic is traversing your network. As the saying goes 'You don't know what you don't know'.
In the case of cyber defences if you are not proactively monitoring, correlating and analysing all of the following then you may miss a cyber attack. Once the network is compromised it can destroy a business: