Page 30 - CDM Cyber Warnings November 2013
Why do we need an Incident Response plan?
Due to the constant growth in the number of cyber attacks, it is necessary to properly
define the actions composing an incident response plan.
FireEye published an interesting post on the need for incident response (IR)
capabilities to respond to the numerous cyber attacks that hit almost any web service
daily. According to data from the Zone-h.org online database, an average of
100 .co.uk domain websites are hacked every day. The data are really concerning if we
consider that the trend is on the rise and that in many cases the impact on the security
of a wide audience of users is serious.
"Over 95 percent of businesses are already compromised with malware (source:
FireEye) but don’t know it…..the mindset needs to change from when we are
compromised, to we are already compromised and how do we better protect our assets,
intellectual property, etc. and mitigate future risks?"
Another point to consider is that the number of targeted attacks has also
increased. Spear phishing and watering hole attacks are the principal methods of attack
for state-sponsored hacking operations, and in many cases hackers exploited zero-day
vulnerabilities.
FireEye is one of the most active companies in the security scene; in fact, in 2013 it
detected various zero-day flaws, some of them still not fixed:

Exposure    Reference                       Application
12/28/12    CVE-2012-4792                   IE
01/10/13    CVE-2013-0422                   Java
02/07/13    CVE-2013-0634                   Flash
02/12/13    CVE-2013-0640/CVE-2013-0641     PDF
02/28/13    CVE-2013-1493                   Java
05/03/13    CVE-2013-1347                   IE
09/17/13    CVE-2013-3893                   IE
11/08/13    CVE-2013-3918/CVE-PENDING       IE

The statistics on website security are discouraging: more than 80% of websites are
vulnerable, while 75% of new attacks specifically target the application layer of
systems in order to exploit these flaws, according to data provided by U.S. CERT.
Some sectors appear to be under incessant attack; this is the case for the energy
industry and government networks, both hit by state-sponsored hackers and cyber criminals.
Improving incident response (IR) capabilities is becoming a must for
private companies and government agencies; it is crucial to identify cyber threats as