Does cyber defence need a good offense?

Australians may be ahead of the curve on virtualisation and awareness of security, but changing threats may demand better defence and a more proactive approach, according to Trend Micro vice president for business development Partha Panda.

Australians may be ahead of the curve on virtualisation and awareness of security, but changing threats may demand better defence and a more proactive approach, according to Trend Micro vice president for business development Partha Panda.

(NCO Academy Teaches Leadership in Virtual Environment image by The U.S. Army, CC BY 2.0)

Panda, who is based out of Washington DC, said that Australian enterprise appears to understand the value of virtualisation and the security requirements that go along with them, echoing a recent Forrester study commissioned by VMware. He added that although Australians appear to be doing the right thing, businesses and government could not afford to stay stagnant. Rather, they ought to keep moving down the path to better security and continue to adapt to evolving threats or be left vulnerable.

He warned that although Australian businesses haven't yet experienced the attacks to the scale of those conducted on RSA and US defence contractors, he said that his company is beginning to see attacks that are not necessarily limited by geographical boundaries. He said that countries that appear to be safer are only so due to a lack of exposure to attacks in the past, or the limited technological development and adoption rates in those regions.

Likewise, with governments, Panda said that the measures that are included in defence plans around the world were good, but not enough.

"Having rules of engagement, having a disaster-recovery strategy, having the proper security controls in place is extremely important. Those are all good signs demonstrating that the government recognises the threat of cyber attacks, and are actively engaged in planning defences against it," he said, but added that it would take time before any country reached a comprehensive defence, highlighting how far ahead cyber criminals are.

"We have thousands and millions of infrastructure components we need to defend, and we have lots of data and lots of applications that we need to defend. I don't think we're completely there yet. We're taking all the right steps, but it's going to be a little while before we have all the legacy apps secured and all the new applications secured, and so on," he said.

As part of stronger defence, Panda said that governments may need to take a more proactive approach, developing offensive capabilities as part of its active defence.

"You don't want to take it to the extremes, but as much as necessary so that certain sites are getting shut down and that we're working in tandem with the service providers and ISPs to identify those sites and basically taking proactive steps to make sure those sites don't exist and are shut down."

The German government is one that has clearly invested in its offensive capabilities with several of its states, recently admitting to using a remote-access trojan in its investigations. In that case, the trojan was developed by a private company, whose presentation of the trojan (PDF) was leaked to Cryptome, and dealings with the Bavarian government disclosed via WikiLeaks. Technically, there wouldn't be anything to prevent a Australian government agency from authoring their own or discreetly contracting the work out, if it hasn't already.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All