Imperva outlines how hacking has become industrialized, details monitoring processes to forecast and disrupt future hacking targets

AUSCERT: Gold Coast, 17 May 2011 – Imperva, the leader in data security, today presented “Cyber Vigilantes: How Security Researchers are Hurting the Business of Hacking” at this year’s AUSCERT Conference. The presentation detailed how developments in hacker attack techniques are overwhelming organisations today, increasingly innovative and bypassing security protocols due to insufficient time and internal corporate resources needed to defend ongoing attacks. Imperva detailed industry vulnerabilities how to best protect against these data intrusions in the future.

In 2010 Imperva launched its Hacker Intelligence Initiative to investigate the anatomy of attacks as well as key hacking trends by exploring the cybercrime industry utilizing techniques including hack-back, forum monitoring and internet traffic surveillance. The HII’s purpose was to help the industry better tune their defences and understand the nature and focus of cyber attacks.

Imperva’s Web Research Team Leader, Tal Be’ery confirmed: “Hacking has become extremely industrialised. Attack techniques, vectors, tools and platforms continue to evolve very rapidly, even for those of us working in the data security sector. Each industry faces a varying list of vulnerability possibilities for intrusion. For example the financial services sector is not exposed to authorization vulnerabilities in the same way the telecommunications sector is. This makes it very difficult for organisations to understand and provide the unique resources and time they need to manage these issues as they happen.”

Be’ery also outlined the drivers for the most recent attacks and areas of interest noting, “for example hacker interest in mobile has increased. There was almost a ten-fold hacker interest in mobile last year, and we have seen nothing that refutes its continued growth this year.”

The presentation detailed the methodology employed by Imperva research labs to measure both quantitative and qualitative analysis of information being disclosed. Be’ery said: “We monitor the communications of hacker forums and rate the most popular topics being discussed today. By understanding the business of hacking we can look at activity including: the discovery of full-fledged Cross Site Scripting (XSS) attack campaigns, server-generated Distributed Denial of Service (DDoS) attacks, a data collection containing millions of users passwords, and cloud-based technologies used by hackers.”

The Imperva research team is also responsible for monitoring the growing range of tools and kits for every attack type, known automated attacks and the emerging automated attacks.

In order to help the audience gain an understanding of which controls they should apply to secure their systems against the evolving hacking industry Be’ery summarised his recommendations for protecting corporate data:

· Introduce proactive detection into your security environment

· Assess what is sensitive data and apply the necessary controls on that data

· Stop attacks before they even enter your application

· Ensure guards are updated in real-time

· Follow up on trending attack techniques and models

· Irrelevant controls are not necessarily old controls