Thursday, 5 March 2015

NSA Provides Tips Against Destructive Malware

Attackers who have full access to a network to steal or destroy all data on the network. It is therefore important to prevent attackers able to access and can go about their business undisturbed, according to the US Secret Service NSA in a new document on destructive malware. The report follows the attack on Sony, where assailants sabotaged thousands of computers.

"While there may be tools which in some cases may prevent the complete destroying data at that time, is a better defense to prevent an attacker can get as much control over the network." The NSA recognizes that this can be difficult in practice, but several measures can be taken to make it much harder for an attacker to unseen to get as much control over the network."The sooner network defenders can detect an intrusion, the less damage can potentially cause the attacker."

In the advisory report ( pdf ) the NSA gives several recommendations that help prevent, detect and reduce attacks. For example, recommended network segregation, so an attacker can not gain access to other parts of the network. The use of administrator rights must be limited and it is recommended deploying application whitelisting, so that unauthorized or malicious software can not be installed.

Another measure that organizations can adopt according to the NSA is to install the free Microsoft Enhanced Mitigation Experience Toolkit (EMET) or other programs that perform exploits difficult. EMET is a free program that adds a layer of security applications and Windows. This protection should make it harder to exploit any vulnerabilities in the software. The advice is further supplemented with known measures, such as the timely installation of patches and making backups.

No comments:

Post a Comment