Know your (cyber) enemy

Picture this: Your company’s network is facing a DDoS attack, but you have no idea who is responsible or what their motivation might be. Without this knowledge, you can’t tell if they want money in exchange for stopping the attack or if the attack is a diversion to occupy your security team while your network is being penetrated and commercial secrets are stolen.

In the aftermath of a network breach it can also be incredibly useful to know some information about the likely attackers. That’s because knowing who they were — or just where they were from — can help you carry out a more accurate damage assessment exercise. This knowledge can guide you on where to look for signs of data compromise, and what other specifics (such as exploit kits or Trojans that may have been left behind) to search for.

Story added 14 December 2016.