The Importance of Analyzing Cyberthreat Intelligence
In assessing the risk of a distributed-denial-of service attack, organizations must think beyond shoring up systems' perimeters and concentrate on analyzing cyberthreat intelligence, Booz Allen Hamilton's Sedar Labarre says. Besides getting away from the mentality of a perimeter defense, Labarre says risk assessors should avoid "a myopic focus on just looking at vulnerabilities. Be smart about what you're doing. Focus on the intelligence out there that tells you where you could be attacked. Look at the attack surface itself and figure out how to protect that."
The focus on DDoS risk assessments comes at a time when U.S. banks have been under repeated DDoS assaults. Since last September, the FBI counts more than 200 separate DDoS attacks on at least 46 financial institutions [see FBI: DDoS Botnet Has Been Modified]. And Anonymous threatens to strike at U.S. federal government and bank websites on May 7 in what the hacktivist group calls OperationUSA [see OpUSA Threatens Banks, Government]. In an interview with Information Security Media Group, Labarre:
An attack surface is the code within a computer system that could be run by unauthorized users.
- Outlines steps organizations should take to assess their vulnerability to DDoS attacks;
- Explains how nation-states pose different threats than do criminal gangs and hacktivists to enterprises; and
- Discusses the importance of gathering intelligence in defending against DDoS attacks.
Follow Eric Chabrow on Twitter: @GovInfoSecurity