Over half IT pros believe business is losing cyber battle

Business is losing the battle against state-sponsored cyber attacks according to a survey of senior IT security professionals

Businesses are losing the battle against state-sponsored cyber attacks and things are unlikely to improve in the short term, according to a survey of senior IT security professionals.

This was the view of 58% of nearly 200 respondents, polled by Lieberman Software at Black Hat USA 2013 by Lieberman Software.

While nearly 63% of respondents think a state-sponsored attacker will attempt to breach their organisation in the next six months, 74% said they were not confident that their own corporate network had not already been breached by a foreign state-sponsored hacker.

Most respondents said they believe that the hacking landscape is going to get worse over time

Martyn Croft, co-founder of the Charity Security Forum and CIO of The Salvation Army UK, said he is not surprised by the findings.

“I'd certainly have to agree with the pessimistic view that it's probably going to increase,” said Croft.

According to Croft, a certain amount of inference from the known attacks such as Stuxnet indicates that state-sponsored attacks have become a commonplace occurrence.

Amar Singh, ISACA Security Advisory Group London Chair, said he would have expected more than 58% to be pessimistic.

“Most organisations will lose the battle if they end up on the target list of a state-sponsored attacker,” he said. 

Singh warned that opportunities for attack will only increase when the world fully embraces the IPV6 next generation internet protocol, which he said will allow every human being to own 2,000 fixed internet addresses.

“Think about the attack surface when your TV, watch, wristband and car’s engine have a unique cyber space address and will be always connected to cyber space,” he said.

As state-sponsored cyber attacks increasingly become a serious problem, many nations are building defensive, as well as offensive, techniques to deter attackers, Singh said.

“This was recently demonstrated when North Korea announced it has built an army of 3,000 cyber trolls to attack South Korean websites,” he said.

Philip Lieberman, president and CEO of Lieberman Software, said the threat of state-sponsored attacks is extremely serious for government and commercial entities, with the probing of IT infrastructures in both environments taking place continually and attacks being launched on a regular basis.

“The majority of organisations are prepared for amateur hackers and low-level criminals, but are completely ill-equipped to deal with today’s advanced nation-state foes,” he said.

The most dangerous threats, said Lieberman, are highly personalised attacks designed for one-time use against specific individuals. 

Many state-sponsored attackers can now create perfect email attacks that insert remote control software onto corporate networks.

For this reason, Lieberman said most corporations and government agencies would benefit from better security training, documented security processes, and systems to manage and secure privileged accounts that grant access to critical IT assets.


Read more on Hackers and cybercrime prevention