Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Hack Attack

Hack Attack

Ratings: (0)|Views: 6 |Likes:
Published by Rory Coen
Two of Qatar's flagship enterprises recently found their networks compromised by cyber attacks from Syrian loyalists. How should Qatar reack to this? Rory Coen gets reaction from ictQatar and McAfee.
Two of Qatar's flagship enterprises recently found their networks compromised by cyber attacks from Syrian loyalists. How should Qatar reack to this? Rory Coen gets reaction from ictQatar and McAfee.

More info:

Published by: Rory Coen on Apr 04, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

04/04/2013

pdf

text

original

 
 
april 2013
Qatar today
65
Qatar playing such a prominent role in the regionnow, how susceptible is the country to more o theseattacks and, what is being done to minimise theirimpact?Hacktivism, broadly speaking, is the use o com-puters and computer networks to promote politicalends through ree speech, human rights and inorma-tion ethics. It’s the electronic cousin o more conven-tional methods o protest, activism and civil disobedi-ence. Hacktivists are generally seen as terrorists, yetin some situations they are simply exposing a hiddentruth. Whatever their motive might be, it’s under-stood that they can inltrate highly secure networksand have their way.Patriot groups, such as the ones rom Syria, or-ganised themsleves into “cyber armies” to have their way on popular Qatari platorms recently. Whilstthe damage caused was cosmetic, the signicance o their attacks shouldn’t be underestimated. Up to now they have concentrated on the deacement o popular websites or distributed denial-o-service (DoS) at-tacks but these will improve in sophistication and ag-gressiveness, and their avourite targets will continueto be societies that denounce the extremist govern-ments they support. At the end o last month, SouthKorean broadcast networks and banks were compro-mised by an IP address in China, but it was suspectedto be another attack rom North Korea.“Nation states and armies will be more requent ac-tors and victims o cyber threats,” says Essam Ahmed,MENA Pre-Sales Manager or security sotware com-pany McAee. “Many o the world’s military unitsare on the ront line o social networks. Proessionalorums such as Company Command and proes-
Hack
attack
Two of QaTar’s flagship enTerprises, QaTarfoundaTion and al Jazeera, recenTly foundTheir neTworks compromised by maliciouscyber aTTacks from syrian loyalisTs whociTed QaTar’s conTinuing supporT for Therebels in Their war-Torn counTry asTheir moTive.
witH
anti-Virus software
50-60%
effectiVe(rsa)
59%
of enterprise security professionalsbelieVe they haVe been targeted by anapt (Mcafee)
80%
the reduction in thenuMber of infected Machines inQatar (2008-2012)
byrory coen
The Internet is a vast network with no boundaries, attacks canbe done from anywhere inthe world.”
McAfee
tech talk
 
Qatar today
 
april 2013
66
sional wikis involve the development o online col-laborative work. Furthermore, military operationsuse the Internet or e-mailing, social networking and,unortunately, visiting dubious websites. All o theseelements will increase the possibilities o inltrationand unintentional inormation leakage.“Experts are no longer reluctant to predict nation-al responsibility in military and industrial espionageor precision attacks that cause physical damage, as inthe case o Stuxnet or Shamoon. State-related threats will increase and make the headlines, and suspicionsabout government-sponsored attacks will grow,” says Ahmed.
Sophistication
How much preparation goes into these attacks anddoes it matter where the perpetrators are based whenthey carry them out? How sophisticated do they haveto be to beat the high-level security systems that gov-ernments and corporates are investing in?“The internet is a vast network with no boundar-ies; attacks can be done rom anywhere in the world,”says Ahmed. “A simple example is the ability to buy botnets (zombies) which can launch a targeted attack on any organisation.“Advanced Persistent Threats (APTs) are sophis-ticated attacks where adversaries break into systemsundetected using long-term access to inltrate dataat will. Although the threats become more advancedonce they gain access into a network, the entry point with many attacks is convincing a user to click on alink. However, once the APT breaks into a system, it is very sophisticated in what it does and how it works,”he explains.This is pretty much how the attackers compro-mised the networks at Al Jazeera and Qatar Founda-tion. They convinced somebody at those organisa-tions to click on an enticing link that was loaded withtools to download critical security inormation. It’s aprocess called “phishing”.“Most attacks are a because o exploiting policy shortcomings, lack o awareness and contemporary training methodologies,” says Khalid Al-Hashmi,Executive Director, Qatar Cyber Emergency Re-sponse Team (Q-CERT) in ictQATAR's Cyber Secu-rity Division. “The reason [attacks] are successul isbecause the operator is not ully aware o how to deal with raudulent messages. I nobody explained the
D
ependency on ICT systems and networksthat support the nation’s critical sectors suchas energy, utilities and the nancial sector con-tinues to increase; thus, in order to proactively address the cyber risks and threats rapidly acingthose critical systems, ictQATAR has drated theCritical Inrastructure Inormation Protectionlegislation, due to be nalised in 2013, that intro-duces strategies or protecting the most criticalinormation inrastructure systems in the coun-try, including those used or power grids, oil andgas production, nancial transactions, healthcareand government operations.“Aligned with similar legislation being intro-duced around the world, as well as recommen-dations issued by international bodies like theInternational Telecommunication Union (ITU),large and critical entities delivering services thatare crucial to the well-being o the nation will berequired to have an inormation security manage-ment system (ISMS) in place."ictQATAR has also drated Inormation Priva-cy Protection legislation designed to acknowledgeand protect private and personal inormation orthe citizens in this digital and networked age.”
- Khalid Al-Hashmi, ictQATAR Cyber Security
new legislation
cyber securityfirMs are tooreactiVe.their budgets are:
80%
on preVention
10-15%
on detection
5%
on response
(RSA)
KhAlid Al-hAshMi,
ExEcutivE DiREctoR, QAtAR cybEREmERgEncy RESponSE tEAm(Q-cERt), ictQAtAR.
tech talk

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->