When I'm out talking to prospective customers, there is usually one topic of discussion that crops up - not just regularly, but ALL the time. Hacking.
This activity is so pervasive - it's almost an international sport. Jokes aside, it is a serious threat to business across the globe, and methods are becoming more and more intelligent by the day.
Spotting an attack as it happens isn't as easy as you think - neither is spotting the fact that you have been hacked - there is often no trace.
The first thing to remember is that when arming your business against cyber attacks, it's not always the intrusion detection/firewall and malware software that will help you fight the hackers - it's too obvious.
The best time to spot an attack would be during the preparatory stages; however, comparing a 'normal' information environment to one which is under attack is a challenge. Having a clear view of what a normal information environment looks like is the best method for detecting an attack.
Attacks may show many unrelated anomalies in disparate areas of the environment. This means that recognising a normal operating state requires you to include all areas of the environment where these anomalies are visible, so that they can be correlated.
The challenge of defining a normal operating state is not just across the network, but also in storage and hosts (PCs, laptops and mobile devices), which need to be monitored as they are all a source of information and a potential avenue of threat. Hosts are a rich data source, as they now house significant threat detection technologies. Application performance monitoring (APM) technologies may also be able to correlate software performance; as an information source, APM could be an early indicator of anomalous activity.
One indicator of a hacker attack is the consumption of bandwidth and power. In recent discussions with a prospective customer I highlighted that reports about bandwidth and power consumption don't lie - whereas it is harder to spot data which has been compromised/copied, because it looks the same regardless!
The customer in question found huge bandwidth spikes at weekends, when consumption really should be at its lowest. Taking a closer look, it was obvious that they were the victim of malicious activity.
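The weekend-spike case above is exactly the kind of thing a per-slot baseline catches. The script below is an added example, not code from the original post or from any product it refers to: it builds a "normal" profile of egress bandwidth per (weekday, hour) from four weeks of constructed history, then flags readings in a later week that sit well above that slot's norm. The traffic model, the readings, the injected Saturday spike and the thresholds (3 sigma and 150% of the slot mean) are all constructed for illustration; the same approach works unchanged on any periodic metric, such as power draw, if you feed it those readings instead.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev


def expected_load(ts):
    """Constructed traffic model: weekday business hours run hot, everything else idles (Mbit/s)."""
    if ts.weekday() < 5 and 9 <= ts.hour < 18:
        return 400.0
    return 40.0


def make_samples(start, days, injected=None):
    """Hourly (timestamp, Mbit/s) readings from the model; `injected` overrides specific hours."""
    injected = injected or {}
    samples = []
    for h in range(days * 24):
        ts = start + timedelta(hours=h)
        jitter = (h % 5) * 2.0  # deterministic wobble so every slot has a non-zero spread
        samples.append((ts, injected.get(ts, expected_load(ts) + jitter)))
    return samples


def build_baseline(samples):
    """Mean and population standard deviation of readings per (weekday, hour) slot."""
    slots = defaultdict(list)
    for ts, mbps in samples:
        slots[(ts.weekday(), ts.hour)].append(mbps)
    return {slot: (mean(vals), pstdev(vals)) for slot, vals in slots.items()}


def find_anomalies(baseline, samples, sigmas=3.0, min_ratio=1.5):
    """Flag readings above the slot's mean + sigmas*sd AND above min_ratio * mean.

    The ratio test stops a very tight baseline (tiny sd) from flagging trivial wobble.
    Returns a list of (timestamp, reading, slot_mean) tuples.
    """
    hits = []
    for ts, mbps in samples:
        mu, sd = baseline[(ts.weekday(), ts.hour)]
        if mbps > mu + sigmas * sd and mbps > min_ratio * mu:
            hits.append((ts, mbps, mu))
    return hits


def weekend_spike_report():
    """Constructed scenario: four clean weeks of history, then a week with a 2am Saturday burst."""
    history = make_samples(datetime(2024, 1, 1), 28)  # 2024-01-01 is a Monday
    injected = {
        datetime(2024, 2, 3, 2): 350.0,  # Saturday 02:00, should be idle
        datetime(2024, 2, 3, 3): 360.0,  # Saturday 03:00
    }
    week = make_samples(datetime(2024, 1, 29), 7, injected)
    return find_anomalies(build_baseline(history), week)


if __name__ == "__main__":
    for ts, mbps, mu in weekend_spike_report():
        print(f"{ts:%a %Y-%m-%d %H:%M}  {mbps:6.1f} Mbit/s  (slot normal ~{mu:.1f})")
```

Only the two injected Saturday hours are reported; the busy weekday hours stay quiet because the baseline already expects them to be busy. In production the history would come from flow records or interface counters, and the slot key could be widened (per link, per VLAN, per host) so that a spike in one place can be lined up against host and APM telemetry from the same window.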
So eco-governance tools which are able to monitor power (AC/DC) and environmental (HVAC) data are both useful indicators of an attack and a nod to a business's environmental policy.
There are multiple infrastructure management solutions which can help you spot and divert hacker attacks. If you are interested in discussing these further, contact me at or leave a comment.