Planning for the Ultimate Hack

The attack surface for hacking opportunities is getting larger every day.  Even anti-virus applications are vulnerable.  F-Secure just announced a patch for a vulnerability in their product.  On this side of the ocean, Symantec announced several weeks ago that its AntiVirus Library might allow the execution of malicious code because of a high-risk buffer overflow vulnerability.  The important point to take from these announcements is that AV applications are still just that – client-side applications.  ALL client side applications are written by humans.  Humans make mistakes.  Mistakes equal security vulnerabilities.

As organizations shore up their Windows operating systems, non-Microsoft applications are becoming a more attractive target for hackers.  The SANS institute warns that the number of flaws in client-side applications continues to grow; this includes applications ostensibly intended to protect our end user devices and our networks.  This is providing easier access to sensitive information, which can result in HIPAA violations, identity theft, etc.  The bottom line?  Plan for a hacking, because it’s coming to a network near you.

But what is the best planning approach?  Some organizations plan for small events.  They base their planning decisions on the premise that the probability is quite low that a worst case scenario will become reality.  Other organizations plan for worst case scenarios, with the understanding that if their response team is trained in the worst that can happen, they can take care of lesser incidents.  I subscribe to the latter approach.

Incident response includes planning, team development, and testing.  If your team trains for small hacks, it may not be able to react to the big one when it occurs.  The proverbial handwriting is on the wall; the probability that your business will be the victim of a major compromise is growing every day.  Plan accordingly.


Author:  Tom Olzak 


Anti-virus Software: The Next Big Worm Target? 

The Worst-Case Hack Scenario

NIST Guide to Malware Incident Prevention and Handling


Your email:  
subscribe unsubscribe  

Leave a Reply

You must be logged in to post a comment.