What can others learn from Stratfor's mistakes?

Opinion by Owen Cole

In the last year, there has been an unprecedented wave of hacking attempts across a variety of organisations.

From the high-profile outage of Sony's PlayStation network to the hacking of The Sun's website, it is clear that malicious intervention is becoming a serious threat to businesses' networks, data and, ultimately, their reputation.

The most recent high-profile example was the hacking of global intelligence company Stratfor's website. While this was the result of a targeted attack by the notorious hacker group Anonymous, I was particularly surprised to read that in this day and age the issue managed to bring down the company's servers, forcing the organisation offline.

The internet is now a critical resource for both gathering information and generating revenue, and is often the first point of call for consumers when interacting with a brand. Therefore it does not take a genius to work out that any period of downtime to an organisation's website can have serious implications for business. 

In his statement released earlier this month, Stratfor CEO George Friedman explained the hacking of the company's website and apologised to its customers for failing to encrypt their personal data.

Reference was made to some topical issues, including the notoriety attained by Anonymous. However, Friedman placed the blame for the security breach largely on the rapid growth of the company, rather than its failure to implement sufficient IT measures.

Accelerated growth is not a credible excuse for poor execution of a company's corporate responsibility, and with legislation such as PCI, organisations that hold sensitive information such as credit card details need to take steps to protect those who have faith in those they are transacting with.

What's worse is that Friedman admitted knowledge of a previous attack on the website at the beginning of December, but failed to put proactive measures in place to ensure the company was better prepared next time.

There is no doubt that Stratfor was at fault with regard to its processes, both in terms of administrative and, more importantly, information security. While steps were taken to standardise methods to protect consumers' information in transit across the internet using SSL encryption, the same level of protection should always be applicable to data that has been entrusted to any organisation by its customers.

Equally, faults caused by malicious intervention are actually relatively simple to detect with the correct technology, meaning downtime could have easily been avoided.

The problem is that many companies do not actively monitor the performance of their systems due to the overhead required by traditional, 'bottom up' approaches that focus on gathering data and analysing it after something goes wrong. As Stratfor and many other organisations discovered in 2011, the growing complexity and scale of today's environments mean that this approach is no longer sufficient.

Businesses exploiting the internet as an easy platform and mechanism for communication must understand the complexities of this platform and take the necessary precautions.

This inherently includes employing the correctly skilled individuals and the right technology, whether that relates to securing data via encryption, or ensuring that applications are available and performing correctly at all times using technology such as network-based application performance management (APM).

For example, by simply adding a network-centric APM solution to their existing packet-based network monitoring tools, organisations are able to identify any problems more quickly through proactive early warning, dramatically decreasing the time taken to resolve the issue.

Stratfor's mistakes should act as a warning to any business operating online, demonstrating why organisations need to move towards a smarter, more integrated and proactive approach to network security.

In today's fickle world, we expect services to be working 24/7, and with the rise of cloud computing and the increasing complexity of networks for mission-critical applications, it is vital that organisations are able to see, predict and fix issues in real time.

Businesses now need to move towards a 'top down' approach that applies better intelligence to the network and applications, and in a world where many businesses are now dependent on the internet to provide revenue, proactive monitoring and troubleshooting are things that no organisation can afford to be without.

Owen Cole is EMEA vice-president of ExtraHop Networks
