Russia allegedly launches “sophisticated” attack against the Pentagon

NBC broke the news last night that Russia launched a “sophisticated cyberattack” against the Pentagon’s Joint Staff unclassified email system, which has been shut down and taken offline for nearly two weeks.

Andy Heather, VP EMEA at HP Security Voltage, commented:
 
“Cyber attacks are a real and present danger, whatever the source. The sophistication in advanced malware renders traditional security virtually impotent.
 
Current, traditional security technologies are ineffective, and both businesses and government agencies have to do more to protect sensitive information.These traditional technologies, including access and authorisation, AV and endpoint protection technologies, are not enough to protect information across its entire life-cycle, from the moment it’s created to the moment is consumed and deleted.  These current technologies are not providing the necessary means to actually protect data as the data moves throughout and across an organisation.
 
The only way that companies and government agencies can ensure that any sensitive data is comprehensively protected, is through a data-centric security program. This protects the actual data levels, rather than these traditional security technologies which focus on protecting the perimeter, which has long since failed to exist.
Organisations should be using data encryption as a means to protect their information.  Encryption should be used as a key mechanism within a data-centric approach, but encryption needs to be applied at the data level itself – not only on the database, or disk level, which are again simply point solutions.
 
Public and private sector organisations are leveraging cloud-based services, mobility and big data initiatives to manage, move and analyse sensitive data like never before.  Protecting the data itself through a data-centric strategy is the only way that these organisations can leverage these initiatives in a secure and protected way. 
The ongoing use of only traditional security technologies will simply lead to more data breaches, especially as cyber attacks increase in volume and malware sophistication A data-centric approach including encryption and, tokenization, is the only way for any organisation to secure the data from these continued attacks.”

(334)

Share