What is the attacker looking for?

According to OWASP, “Local File Inclusion (also known as LFI) is t

In the news lately there have been countless examples of phishing attacks becoming more sophisticated, but it’s important to remember that entire “industry” is a bell curve: the most dedicated attackers are upping their game, but advancements in tooling and automation are also letting many less sophisticated players get started even more easily.

Generally, only scanty details are available when an organization is hacked.  However, some organizations have proactively positioned themselves to get it write and limit the effects and damage of a successful attack.  Here are what some hacked organizations have done right:

In the years past, for several reasons the Cloud was adjudged too risky for businesses to onboard.  The government was very skeptical for reasons of data security, privacy concerns and trust. 

When systems are properly configured hacking attacks on such systems are less likely to be successful.

When a breach occurs, and systems are compromised with data stolen or modified it hits hard like a winter storm.  For big organizations, this assumes the nature of a blizzard if the data stolen is personal identifiable information, protected health information, or sensitive corporate data such as R&D data that might be worth millions and entails the very existence of such organizations. Then this is usually accompanied by huge public outcry with legal and other implications.

Hacking incidents in financial firms is increasingly assuming an alarming rate.  Imagine this, just in eight months’ timeframe, hackers breached the “Virginia Bank” twice and stole $$2.4M.

What is the motive behind this? Money!  The growing list of banks being targeted in hacking attacks points to only one conclusion.  Money is increasingly becoming one of the leading causes of all hacking attacks today the world over.

The word “Mobile,” synonymous with Mobile Computing or Mobility refers to remote workers, laptop computers and USB memory sticks (thumb drives). In years past, organizations routinely provisioned employees with both, as employees routinely have need or wanted to use their personal laptops and USB sticks for business purpose. Therefore, companies had to deal with a mix of business and personal mobile computing devices.