Automated cyber attacks are becoming increasingly prominent according to a new report conducted by Imperva.
The Web Application Attack Report (WAAR) studied attacks on 30 different enterprise and government web applications highlighting that assaults on websites and databases are now as frequent as 25,000 per hour.
The sheer volume of these attacks is worrying. However perhaps more concerning is the fact that most of them are conducted by automated bots. This makes the threat unique. Car jacking for instance cannot be automated and neither can purse theft. For this reason cyber crime has the potential to have greater financial impact than all other forms of crime put together.
“The level of automation in cyber attacks continues to shock us. The sheer volume of attacks that can be carried out in such a short period of time is almost unimaginable to most businesses,” stated Amichai Shulman, Imperva’s CTO and lead researcher.
Aside from automation cyber criminals are becoming increasingly evasive “Our data demonstrates that it is increasingly difficult to trace attacks to specific entities or organisations.”
What is known is that the majority of attacks originate from bots developed in the US (29%) and China (10%). Such bots are simply left to make consistent attempts to hack and retrieve critical data.
Imperva advise CEOs across all industries to always consider their businesses a target and especially “If you hold sensitive information with value for governments, employees or competition.”
Two of the world’s leading security experts have warned that cloud vendors could be losing out on valuable customers and damaging the perceived integrity of the cloud as a whole, because of a failure to confront and fix key security concerns.
RSA head Art Coviello explained during a keynote speech that opened his firm’s 2010 conference that those within the data security industry would need to work harder to ensure that cloud-based services were secure environments.
Mr Coviello also said that many businesses were delaying their adoption of cloud-based technology because of real and imagined threats to the security of the cloud and that cloud vendors would need to put up a united front to reassure businesses that they could trust the technology.
Mr Coviello also pushed for improvements in the efficiency of cloud-based backup and data storage systems, since with more virtualised servers being created, accessibility and efficiency were of equal importance as matters relating to security.
The best way in which to ensure security and sustainability of cloud-based services is to have these fundamental features integrated with the basic infrastructure, according to Mr Coviello.
Meanwhile the CTO of Amazon’s online arm had very similar sentiments to convey during CeBIT in Hannover this week. Werner Vogels said that businesses are definitely interested in cloud computing services with many requiring that any new system that they use is ready for cloud integration.
Mr Vogels also said that offering tangible, demonstrable security measures to protect the cloud were essential to winning new clients. Adhering to legislation and regulation recognised by the industry at large would be the only way for cloud vendors to temper the fears relating to security.
Mr Vogels was similarly concerned with the types of tools that would be available to businesses in order to ensure that data stored on the cloud was easily manageable at the same time as being totally safeguarded. Business continuity could be seriously hampered by any downtime and Mr Vogels called for cloud vendors to create their products on firm foundations which would be less susceptible to driving financial losses for clients as a result of downtime or accessibility issues.
According to Gordon Brown, the security of sensitive data can not be guaranteed. Hence, criticism has been made of his comment that data loss is unavoidable. During his visit to the Gulf he said that mistakes are made by human beings and that the government cannot promise that every single item of information will always be safe. However, the founder and CTO of Secerno said that it is the complete opposite of what was said earlier by the Home Secretary.
According to the Home Secretary, the ID database was supposed to be unbreakable. The government is blaming people and outsourcing contracts rather than using the best available technology. It is important to have an online data backup and online storage as it allows the companies to deal with critical situations and prevent data loss.
Disaster recovery solution protects your valuable data in the most efficient way as all the important files are kept on a backup server. Hence, it is very easy to regain the file if needed. The data can be accessed from any computer through the internet by entering your security details.
According to Gary Clark, VP EMEA at SafeNet, data loss has increased due to stolen portable devices and misplaced hard drives. However, disaster recovery solution keeps your data secured and saves your data from getting damaged or lost. Disaster recovery solution also allows you to access your data from any location at any time.