Advanced cyber attacks being made by state-sponsored cyber terrorists can take months to control even after being detected, a leading IT security company was warned.
Alex Fidgen, director at MWR InfoSecurity, made the comment following the publication of the Annual Report 2012-2013 from the UK’s Intelligence and Security Committee which indicated that cyber-espionage had resulted in Ministry of Defence data being stolen.
“Attacks targeting Government departments or industry suppliers can remain undetected and active for up to a year, so the problem becomes endemic,” says Fidgen. “Furthermore, it can take months to control these attacks meaning that, during this time, huge amounts of information can be downloaded by the attacking party.
“State-sponsored activity is directly interested in the geo-political decisions being undertaken by governments and associated organisations,” he adds. “However, this is part of the larger picture of increased cyber-espionage activity by one state versus another. While the report focuses mostly on UK Government departments being targeted, this picture is being played out daily amongst commercial organisations”
Fidgen adds: “A large number of organisations lack the understanding or, in the case of the Government, the capacity to deal with sophisticated attacks and their growing volume. Complex networks involving suppliers and partners are a challenge to security and were not built to defend against the attacks that are now being witnessed on a weekly basis.
“The sophistication of these attacks is such that each time more organisations are being targeted,” Fidgen says. “Information is being taken from each and pieced together to provide the final goal for the attacker.”