This weekend the IMF announced it had been subject to a sophisticated cyber attack earlier this year. The hack was designed to create a “digital insider presence”, compromising at least one desktop and generating suspicious file transfers.
The IMF has revealed very little about this incident but with the FBI now involved, and the World Bank cutting its network connection to the organisation, we can safely assume that the attack is of a serious nature.
As yet another high profile organisation falls victim to a data breach we are once again forced to question whether it is actually possible to protect data from hackers.
The sheer number of headline grabbing incidents suggests that attempts to prevent cyber attacks from occurring in the first place may be ineffective and that a new approach is required.
There are some calls for employees to play a bigger role in detecting suspicious activities. While it is always helpful for staff to be alert, this misses the point – organisations already have all the information required to spot and fight breaches at their disposal.
The key to stopping hacks before they have a chance to do serious damage is stored in the log data generated by IT systems. These provide the traceability required to spot patterns of suspicious behaviour in real-time.
Due to the volume of logs generated it is essential organisations have centralised, automated systems in place that can provide the 360 degree visibility needed to identify and respond to increasingly sophisticated attacks.