the unique issues universities and other institutions of higher learning have to face in balancing access and security for their constantly growing and changing user-base, can pose additional difficulties which must be considered and solved
New York, NY (PRWEB) July 26, 2013
The incredible breakthroughs of America’s best and brightest in technology, medicine, engineering and a wide array of other areas, are a very sought after commodity in the hacker world of cyber espionage, and as highlighted in an article last week in the New York Times, universities are being flooded with tens of thousands of cyber attacks daily by cyber enemies ranging from freelancing criminal hackers, to cyber warrior squads doing the bidding of the foreign governments which they serve. “Grappling with the sophistication and longevity of some of these attacks can pose a fierce challenge to any organization,” says Bob Knudsen, the Northeast Regional Manager and senior cyber security specialist for Global Digital Forensics (GDF), “but the unique issues universities and other institutions of higher learning have to face in balancing access and security for their constantly growing and changing user-base, can pose additional difficulties which must be considered and solved for any hope of attaining an effective cyber security and emergency response posture.”
The flow of data is the flow of creativity.
“Universities and colleges are faced with a unique dilemma,” says Knudsen. “On the one hand, sharing and collaboration are at the heart of bringing new ideas to life, from that first spark of a totally new theory or idea, or a new improvement to an existing one, through design, testing and development. That’s why it’s essential in academic environments to keep that flow of data moving. But on the other hand, they need to fend off the horde of darker forces in the cyber realm that are bent on stealing those great ideas for their own purposes. And sometimes, those forces are even enemies of the state, which can have pretty far reaching consequences on both the stability and security scales we struggle to keep balanced. It wouldn’t be hard to imagine a new invention in energy, medicine, commerce, transportation, or military might shifting the balance of power on a global scale, so we’re not talking about small potatoes here.”
These hackers aren’t interested in a one-night-stand, they are looking for more of a long-term relationship.
“Global Digital Forensics has lived in the live-fire cyber security trenches for a long time, and we’ve done a great deal of work for universities and colleges to help them significantly improve their cyber security posture and nail down effective cyber emergency incident response plans. One thing that always gives me chills is the sheer longevity of many of the attacks we uncover. These aren’t typically smash and grab type crimes,” Knudsen said, his years as an officer with the NYPD shining through, “these are more like high-tech stalkers. They want to get in quiet and observe undetected for as long as they can, learning everything they can about their victim. And in today’s digital world, that could be everything from security procedure weaknesses and target mapping, to data exfiltration ranging from the personal and sensitive information of students and staff, to design plans, manufacturing methods and other valuable intellectual property. If they do it well, it’s like finding an endless waterfall in the middle of the desert, their source of survival in the form of their very own pristine watering hole, and they’ll fill up there for years if you let them.”
Assess, test and respond.
“The cyber threat landscape evolves quickly, so right on the front burner of any effective cyber security plan has to be regular cyber threat assessments. A GDF cyber threat assessment looks at the big picture, from cyber security policies and procedures and regulatory compliance issues, to the unique digital infrastructure and data flow requirements of the school. It helps us uncover weaknesses so we can help the client make determinations about where exactly what kind of data is stored, and the possible vulnerabilities. Is a segmented network the answer? Is security and awareness training lacking? Are mobile devices providing a gateway for intruders? We look at it all. Then we take on the role of real-word hackers with comprehensive penetration testing. We’ll do everything from investigating publicly available information to craft realistic spear phishing campaigns, setting up dummy sites to lure users into divulging precious credentials, or we’ll use any other tradecraft we’ve got in our big bag of tricks to infiltrate the network. We’ll drop “GDF-infected” USB sticks, we’ll make phone calls, we’ve even been known to pose as workers, staff or students to get the information or access we need for a successful intrusion. And to date, we’ve never failed to compromise our target. Basically, we do everything we can to find holes in security so they can be plugged before someone else with more devious intentions exploits them. But there is no such thing as absolutely foolproof security, especially in an environment that sees new threats coming out daily, so we also help clients establish a functional and effective cyber emergency incident response plan, which we back up with a team of expert responders strategically located around the country and worldwide so we can have the fastest response times in the industry. Our emergency response teams are available 24/7 every day of the year. We even have no-retainer Service Level Agreement (SLA) options for our assessment and penetration testing clients, so they can have us in the wings ready to respond in the event of a cyber emergency, without having to pay anything additional at all if we’re not needed.”
Relying on yesterday’s cyber security models to face today’s newest cyber threats is simply a dangerous and foolish exercise. America’s best and brightest are the keys to a better future, and they deserve the best security available so their efforts and ideas are not ultimately realized by foes taking shortcuts. So don’t wait, get up-to-date with GDF today.
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit http://www.evestigate.com.