On January 25th, 2010, United States Air Force announced that 24th Air Force, a fully fledged division of the USAF, has reached its Initial Operational Capability. The 24th does not have any planes, it is a Cyber Warfare unit, with a mission to defend the interests of the United States in both defensive and offensive roles. This is one of the major operating components of the future US Cyber Command. The writing is no longer on the wall, it is on the billboards: “All future conflicts will involve extensive internet-based attacks”, as it already happened during the Russian-Georgian war in 2008. Governments from around the glob are tripping over themselves to establish advanced defensive and more importantly offensive capability. The top contenders in the field are US, China, France, Russia, and Israel.
While the national level maneuvers might not concern most private citizens, it should be read as an indication of the status of current technology, positioning of threat capabilities from around the world, and what impact all that could have on your enterprise. Since the capability exists, it can be employed against undefended targets, such as most private enterprise, without detection or consequence. Therefore, individuals and enterprises who do not pay attention to the threat billboards in front of them, will be the first to suffer the consequences of whatever risk lies ahead. More importantly, undefended sites will and do fall victim to attacks of all sorts from the cyber space with all sorts of consequences, even without open hostilities among governments. This is simply because the capability is out there and the consequences for the professionals are non-existent.
The good news is that there are professionals on the other side of the fight. There are effective and proven detection and prevention tools that are available to the private sector. These tools are almost a no-brainer when the potential consequences are evaluated and the probabilities are calculated. Some solutions come in the form of separation of connectivity to the internet for highly sensitive data, while others in the form of hardware firewalls. It can be argued that the most efficient prevention method is a hybrid solution of software based detection agents installed on each network component and a human management system. This approach allows for detection of anomalies and the flexibility of a timely human investigation, which prevents most attacks at much more reasonable cost than more severe methods of detection and/or prevention. Find out more at http://www.thetechinfogroup.com/services/managed-host-based-security.html