“RSA helps organizations confidently secure identities and information access. With industry-leading security solutions, RSA protects more than 15 million user identities, safeguards trillions of business transactions annually, and manages the confidentiality of data in tens of thousands of applications worldwide. By protecting critical resources from unauthorized access and helping businesses achieve regulatory compliance, RSA helps you deliver on the productivity and profit potential of the Internet.” While this statement from a computer security firm might be reassuring, last year hackers infiltrated RSA’s computers and stole some data – though not enough for serious damage. With everyone from Fortune 500 corporations to Google, the Pentagon and your local hospital being hacked it’s increasingly clear that computer security is probably nonexistent. According to security researcher Dan Kaminsky, everyone should face the fact that firewalls don’t work and it’s time to use other methods to secure information.
Instead of trying to guard against an attack, Kaminsky says companies should accept that hacking happens and learn to live with that fact. Hackers are on the hunt for different things. Some may be looking for usernames and passwords to steal banking information or to hijack computers for sending spam messages. In other cases they are seeking intellectual property or government secrets. A big problem is that attacks can go unnoticed for days, weeks and in some cases more than a year. This doesn’t mean that companies should simply ignore the idea of threats, but rather they should continue to be actively vigilant and act quickly to secure their networks once an attack has been detected. Here are some strategies that could help: Close all loopholes immediately. Check for backdoors hackers may have installed. Whenever possible, store critical information offline. Use encryption for things you would not ordinarily consider. Use a network of smaller servers rather than a large server farm. And as always, be prepared for an attack by keeping backup files in case you need to restore your site.
- Everyone Has Been Hacked. Now What? (gizmodo.co.uk)