Suffering a cyber attack for a public administration or business can be devastating if the intrusion is carefully executed. The damage obviously depends on the type of attack and the countermeasures put in place to counter it. The most common are data breaches and ransomware that are carried out in a matter of hours. In the first case, there is the theft and compromise of corporate data, which requires the process of damage analysis to be carried out in order to assess whether to notify the Guarantor and data subjects of the data breach. In the second case, the intrusion has the purpose of blackmail and is carried out by viruses that make data inaccessible on infected computers while the hacker demands payment of a ransom to restore it. These are two examples where cyber criminals have acted with rapid attacks that have manifested themselves, but this is not always the case…
Hidden in the shadows
Can companies and PAs that have suffered attacks and repelled them, or that have apparently never suffered intrusions, consider themselves safe? Does this mean that the cybersecurity systems they have in place worked perfectly? Unfortunately, no! In fact, technologies to hide the intrusion for long periods of time are increasingly evolving; they are called sleeper attacks and serve several purposes.
A hacker and his malicious software could be cleverly hidden to analyze data packets flowing over corporate intranets waiting for the “right” information. But cybercriminals might also be uninterested in causing damage to the computers on which they reside: nested in a Web site they might activate when they need a botnet (a network of infected computers) to send spam attacks, spread viruses to other users, or install management software for their trafficking by exploiting the hardware and connections of unsuspecting companies. Think, for example, of updated versions of Ryuk, a dormant malware that can be used to power on from the Internet computers set up with Wake on LAN whose data it knows and infect them. Or the site could be used as a communications center between political activists in other countries seeking secure connections.
Hopefully, worry!
The title of this paragraph might sound like an oxymoron in everyday life, but in the cybersecurity field, unfortunately, it is not. Hidden intrusions are a dramatically common practice, and the only way to flush out any hidden intrusions is to rely on companies like Hypergrid equipped with the tools and technologies to perform: Vulnerability Assessment, Security Data Recorder, and HyperSafe. Let’s start with the last one: HyperSafe is a service that monitors network resources by checking the functionality, configuration and updates of both servers and security devices, and its purpose is to anticipate any tampering attempt. Vulnerability Assessment is an essential service for small and large companies and public administrations. It is a procedure for in-depth assessment of the security of computer systems. All potential vulnerabilities on a corporate network are researched and analyzed with the aim of improving its ability to prevent attacks based on possible flaws. Finally, the Security Data Recorder, a service that records all network traffic and, in the event of law enforcement audits, is able to produce the necessary documentation to highlight any liabilities or rule out any charges.
All services can be configured according to business needs, for more information contact us at info@hypergrid.it
Devi effettuare l'accesso per postare un commento.