Mitigate Risk, Prevent Attacks | Optiv

February 19, 2010

Yesterday, the Wall Street Journal published an article by Siobhan Gorman about hackers in Europe and China who successfully broke into computers at 2,500 companies and agencies over the last 18 months. The hackers used various techniques to infiltrate the corporate networks, including malware, phishing, email attachments, false virus patches and botnets.

A client of ours asked us: “What do you propose we do as an organization?” The answer to this question really depends on what point of the infestation/attack they are at.

Not Infested/Attacked Yet - Answer:

Training, Training, Training! The best non-technical way to prevent getting infected is user awareness training and testing/retesting. The majority of the attacks, those faced by Twitter and Google as well as this round of attacks, directly target the employees and users of your network. If you haven’t taught your users the basics of what to avoid, you can pretty much assume you are going to get infected by the next big infestation/attack that comes around. Providing ongoing user awareness training and seminars that include real-world examples and scenarios is the best way to educate your users on what is required of them to help you keep your environment as secure as possible.

Additionally, if you’re one of the organizations with dynamic content filtering, proxies, IPS, DLP, HIDS, and an enterprise patch management solution, some luck may be on your side. A lot of the ‘ware can be delivered in email, through web applications and most popularly, through PDF, so more than one area of your strategy may need attention if you don’t have the above.

Darn it, We got it! Now What? - Answer:

So, you’ve gotten infected and need some help cleaning up or figuring out what’s going on. Here’s where Accuvant can help and the types of services we offer:

1 - Emergency Response Level Services:

Time is of the essence. Emergency response services can assist customers with responding to, containing and isolating infected systems to start fixing the issue. These services are designed to get in there fast and start helping the client monitor for points of infestation and possibly kill spreading attacks.

2 - Malware Analysis:

The LABS team has performed these for clients that want detailed analysis of a unique infestation or deliberate events. In these cases, we take a forensic image of the system and review the binary to try to determine origin and function. We have performed these services for financial companies, and those that need to know if they are being targeted by industrial espionage or organized crime.

3 - Solutions Optimization:

After an event, several clients have asked us to come in and evaluate their current solutions to determine if they have configuration issues or coverage gaps in current technologies. Essentially, we do a security gap analysis to see what solutions/technologies they are missing, as well as how we can optimize their existing installed solutions. Once the gaps are identified, we can start helping the client find solutions to fill the voids.

After The Dust Settles:

By now, we should have things at least contained and most of the issues resolved. At this point, Accuvant highly recommends going back to step one, user security awareness training: updating your existing program to include these latest examples and refreshing your users on their responsibilities in helping you keep your environment secure.

Unfortunately, the events that were discussed in the WSJ are ongoing. There is no silver bullet to stop stuff like this from happening, so the best solution is mitigation, prevention and awareness training. Companies need to understand their risk landscape and take steps to appropriately address those risks before they get compromised.
