Combating cyber attacks: a new approach

Cassidian CyberSecurity and Netasq have outlined a new 7 step approach to combating the advanced persistent threat (APT) posed to organisations and infrastructure in the Middle East region by cyber attack. The companies unveiled their new approach - combining expertise, processes and new tools - at the Cyber Defence Summit in Oman.

Cassidian CyberSecurity highlighted the need for a comprehensive response plan to the persistent threat of cyber attack, which involves raising awareness, initial check, deeper analysis, cleaning, reconnection, recovery and remote supervision.

Guy Meguer, general manager Middle East, Cassidian CyberSecurity, said: ‘APTs are targeted attacks, designed specifically to steal secrets or intellectual properties of specific organisations. They are more sophisticated than generic viruses, as they are planned thoroughly by a skilled team of attackers who install malware into internal systems and then maintain a long-term presence in order to exfiltrate as much information as possible. These threats are now so advanced that they can continue over a year without being discovered. Once they are, an understandable feeling of panic can set in.’

The 7 step approach initially includes prevention and raising awareness of the threat, followed by a diagnosis phase analysis. When these diagnosis are positive, a forensics phase is initiated where the exact nature of the attack is determined; attack markers are then defined in order to prepare for the ‘cleaning’ process. This is followed by a remediation phase where malware and attack signals are suppressed; a recovery process to reinforce network defenses; and finally, a dedicated remote supervision service.

François Lavaste, CEO, Netasq added: ‘We offer a full range of all-in-one network traffic filtering solutions for companies which want to have a proactive approach with regards to APTs. Our unique Intrusion Prevention System gives protection from unknown threats – the so-called zero-day attacks, where vulnerabilities are exploited days, or even weeks, before detection signatures have been released and propagated to the security devices.

‘As the Middle East region continues to develop and grow, public and private organisations who are driving this growth will be subjected to increased and more sophisticated threats from cyber spies. It is vital that we ensure they are adequately protected against these threats, which is where Cassidian CyberSecurity and Netasq can help them.’