A survey from Lieberman Software Corporation revealed that 83 percent of IT security professionals are still confident that their perimeter security tools, like firewalls, can react quickly enough to defend against today’s sophisticated cyber attacks. This assumption could ultimately be putting consumer and business data at risk.
The study, which was conducted at Microsoft Ignite in May 2015 and measured the attitudes of nearly 150 IT professionals, also revealed 29 percent of those surveyed do not feel confident that their IT teams would have the ability to detect an intruder attempting to breach their network. However, this could be a result of the tools they are using not having the capability to detect today’s stealthy hackers.
Commenting on the survey findings, Philip Lieberman, CEO of Lieberman Software, said: “Next generation firewalls, intrusion detection systems and the like can be potent deterrents to known dangers. But when it comes to advanced zero day threats and precisely targeted phishing attacks, perimeter security tools are ineffective. Companies still relying on these solutions to protect against today’s advanced cyber attacks should prepare for the consequences.”
Other findings from the study revealed that when an intruder is detected on an organisation’s network the most common mitigation technique is for IT staff to take manual action to stop them carrying out further malicious activity.
“Competent attackers are capable of quiet intrusions and the take-over of existing credentials found on compromised systems,” Lieberman said. “With that in mind, we recommend regular reboot of systems, discontinuance of the use of domain administrator accounts, regular invalidation of Kerberos tickets to force re-authentication, and the use of very short lifetime credentials for passwords, SSH keys and certificates used for authentication. “
“We also recommend automating privileged identity management and removing humans from the process of service account password changes,” Lieberman continued. “This reduces the manual burden placed on IT staff and helps overcome automated cyber attacks that nest within environments, hoping to use long lived administrative passwords.”