
InfoWorld


Business technology, IT news, product reviews and enterprise IT strategies.

5 signs you've been hit with an advanced persistent threat | Security

Hackers who employ APTs (advanced persistent threats) are a different breed. A real and constant threat to the world's companies and networks, APT hackers tend to be well organized, working together as part of a professional team. Their goal, typically, is to steal valuable intellectual property, such as confidential project descriptions, contracts, and patent information.

Generally, APT hackers employ familiar methods, using phishing emails or other tricks to fool users into downloading malware. But the ultimate objective tends to be very ambitious. Because APT hackers use different techniques from ordinary hackers, they leave behind different signs.

Those data flows may also be limited, but targeted -- such as someone picking up email from a foreign country.

10 hard truths IT must learn to accept | IT management

In a perfect world, your network would suffer no downtime and be locked down tight. You'd be in perfect compliance with all government regulations, and your users would all be self-supporting. The cloud would take care of nearly all your infrastructure needs, and there wouldn't be a single device accessing the network you didn't first approve of and control. Also: You'd finally get the respect and admiration you truly deserve. Good luck with all that.

The gap between your dreams and cold hard reality just gets wider every day. Here are 10 things IT must learn to live with.

IT concession No. 1: The iPhone revolution is here to stay

More and more workplaces these days resemble a geeky party that's strictly BYOD (bring your own device).

What to monitor to stop hacker and malware attacks | Security

The 2012 Verizon Data Breach Investigations Report released last week continues to reverberate. The stats that jumped out at me: 96 percent of data breaches were relatively easy for attackers to pull off, and 97 percent of those attacks were easily avoidable. Want to protect yourself against malicious hackers and malware? Do the basics better and more consistently. Patch better, isolate better -- and for god's sake, enable your monitoring. According to the report, 85 percent of victims were unaware of their compromised state for weeks- to months-long stretches.

When they did become aware, 92 percent of the time it was because an outside third party told them.

The ultimate guide to preventing DNS-based DDoS attacks | Security

When it comes to DNS, Cricket Liu literally wrote the book. He has co-authored all five editions of O'Reilly's "DNS and BIND" book, which is generally regarded as the definitive guide on all things relating to the Domain Name System. Cricket is currently chief infrastructure officer at Infoblox. DNS is clearly a critical component of computer networking, but there are times when these tools can be used for malfeasance. In this week's New Tech Forum, Cricket takes a look at the growing problem of DNS-based DDoS attacks and how to deal with them. -- Paul Venezia

DNS-based DDoS attacks: How they work and how to stop them

The DNS-based DDoS (distributed denial-of-service attack) has become one of the most common destructive attacks on the Internet.

In this article, I'll describe how DDoS attacks both exploit and target DNS infrastructure. Spoofing DNS queries is particularly easy because they are usually carried over UDP (the connectionless User Datagram Protocol).