Is it important to know who is performing a cyber-security attack? Mark James discusses the issue.
When dealing with cyber security is it necessarily useful for organisations to know who the attacker is? Or is knowing what the attack is enough to orchestrate a security strategy and understand the nature of these threats?
Mark James, ESET IT Security Specialist, discusses how it could be beneficial to know who your hacker is, as well as what they are doing.
“I think it’s of great use to know who the attacker is, but it also depends on the size of the company and how you are going to form your defences.
“If you’re small enough to form general defences then just being aware of what sort of attacks are happening could be enough to keep you safe from opportunistic attacks.
“But if you’re a larger company and you want to form specific defences, it’s very similar to profiling for physical crimes.
“Understanding your attackers habits, previous targets and methods used could enable you to tailor your defences with a view to anticipate their future methods or attack technique’s.
“Cyber defence is so much more than just putting software or hardware in place and hoping to catch the bad guys.
“It’s similar to net fishing: it’s a huge sea, and blindly casting your net will likely yield nothing. On the other hand, compiling previous information, looking at habits and known information means you could end up catching a huge haul or in this case stop a major attack.
“Whilst new and different attack methods appear regularly cyber criminals can be creatures of logic and habit.
“If it’s successful then making slight changes will confuse and ensure success, but still be close enough to origins to be identified through prior knowledge.
“But of course that’s the nature of this industry, it’s not enough to just do that, you have to think out of the box and we are back again to multi layered defences.
“Being on the lookout for both modified and existing attack vectors, along with completely new techniques is the only way to stay safe.
“Doing the basics while learning and reacting real time along with utilising modern defences and expert knowledge.”
Is the identity of the attacker be important to you? Let us know on Twitter @ESETUK
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.