Recently, we conducted a mini-webinar series on Managing Security for eDiscovery with Modus Discovery CIO John Crites. Over the next few weeks, we’ll be posting information that was shared in each mini-webinar, with a link to learn more about each section.
Today, we’re covering threats to information security.
Where are threats coming from? Who is making threats and what are they going into? This is a changing landscape, so what is happening today will be growing tomorrow.
Today, 75 percent of hacking attacks are successful within minutes, and another 15 percent simply require a few more hours. What this means is that 90 percent of the focused hacking attempts are successful. The top source of attacks is not Chinese hackers or overweight basement dwellers but dissatisfied employees. If you’ve trusted an employee with the passwords to your network and they’ve become dissatisfied, chances are they’re going to be successful at causing damage. In the webinar recording, we talk about other probable sources of attack.
The median number of days before attacker does something in your network is about 200. This means that when an attacker hacks into your law firm’s network, they’re going to spend a good deal of time in there researching and planning their attack. They may be in your network now.
Who are the likely sources of an attack? In addition to disaffected employees, many are state sponsored. We all have heard about Russia hacking in to our election process. China has a branch of its military dedicated to cyber hacking. Other attacks come from individuals believing they are exposing information for the greater good. In the webinar, we discuss one example of an organized crime group and the attack they made on one firm.
What are these people attacking? One of hackers’ most cherished targets are administrator accounts. These are people with privileged access, who can log on to your servers and delete them, delete your production code, and implement ransomware. In the recording, we continue the discussion on targets.
The takeaway is to assume that you are vulnerable. Don’t assume that because you have passwords and a firewall that everything is protected. Always assume that you are vulnerable and manage that risk.
In the recording, we also cover:
- The number of publicized breaches and the resulting amount of stolen data
- The number of ransomware applications that are being used by criminals today
- What is STUXNET
- Attack profiles
To watch Part One of the mini-webinar series, click here now.