BAE Systems
 
Cyber Security Blog

Read our insight and intelligence on the evolving cyber security challenge facing organisations and governments.

 

Part Three - How to catch a cyber thief: Robust investigation

 

Written by: Dr. David Bailey, Chief Technology Officer

This week we look at step 3, our penultimate step to catching the cyber-thief:

1. Effective Detection
2. Good Intelligence
3. Robust investigation
4. Making it Happen

If you missed last week’s post on Good Intelligence, or you just need a refresher course, please see the previous posts below.

Robust Investigation

It’s all well and good finding threats using a range of detection techniques and by exploiting the best intelligence at your disposal, but without the ability to turn that insight into something the business can take action on, it’s not going to deliver the benefits needed.


 

Part Two - How to Catch a Cyber Thief: Good Intelligence

 

Written by: Dr. David Bailey, Chief Technology Officer

In our ongoing quest to catch the cyber thief, this week we look at step 2:

1. Effective Detection
2. Good Intelligence
3. Robust investigation
4. Making it happen

If you missed step one last week, please see the previous post exploring Effective Detection below.

Good Intelligence 

With a combined detection strategy covering both correlation and behavioural analytics in place, knowing the current cyber-crime climate will help you to prepare for threats that may come your way. Good intelligence on who the latest cyber espionage groups are, why they are attacking, which tools and techniques they are using and who they are targeting is valuable in preparing yourself against attack.


 

How to Catch a Cyber Thief: Effective detection

 

Written by Dr. David Bailey, Chief Technology Officer

The ever-increasing importance and interconnectivity of the digital world is hugely exciting for businesses and consumers alike. However, it also presents growing opportunities to would-be cyber thieves. This means that now, more than ever, being well informed and prepared is vital to protection in the connected world.

Building an effective security programme is far from simple. With technology and your business constantly changing and the cyber thief becoming smarter, you need to stay one step ahead.

To that end, welcome to our 4-stage, 4-week guide to detecting the cyber thieves who have their eyes on your network. We will take you on a journey through the 3 fundamentals of security monitoring and lay out what you need to do to make it happen in your organisation.


 

Passable passwords

 

Written by Dr David Bailey, Chief Technology Officer

The story about the recent eBay data breach was followed by advice to users to change their password as soon as possible, not only on eBay but also on other accounts that share an ID or password. It needs to be done, both to protect the user’s online identity and to prevent fraud. But how many people, whether through lethargy, lack of awareness or password amnesia, have yet to do so? Nobody appreciates going through their online accounts and changing passwords, but with an understanding of how criminals wring value from stolen personal data, it is possible to construct strong, memorable passwords that put you at considerably less risk when one of your web service providers is hacked.


 

The risks in Risk Management

 

Written by Scott McVicar, Managing Director, Cyber Security

Samuel Johnson’s house faces one end of a shadowy cobbled courtyard in London’s West End, not far from a client of mine. He wrote a journal called ‘The Rambler’ which provided the rising middle class of the 18th century with the social fluency they sought to converse in aristocratic social circles. Had cyber security been a topic of conversation in Regency salons, the following quote would have made the sayer seem exceedingly wise:

“Fear is implanted in us as a preservative from evil but its duty, like that of other passions, is not to overbear reason, but to assist it. It should not be suffered to tyrannize the imagination….”


 

Security in the Digital Age

 

Written by Dr David Bailey, Chief Technology Officer

There’s no doubt that Internet security has made it into the public consciousness. The Heartbleed bug last month showed how a single technical issue can affect huge numbers of users due to the interdependencies in the infrastructure the Internet depends on, and the recent eBay breach has potentially compromised the personal information of hundreds of millions of users, leaving them open to identity fraud and other abuses. The time it took eBay to notify customers, and the scale of the remediation required, show how businesses have to have comprehensive processes in place to deal with these kinds of incidents.


 

Critical security advisory for the Heartbleed SSL Vulnerability

 

Written by Dr David Bailey, CTO, Cyber Security

A vulnerability relating to internet security has been disclosed this week which cuts to the heart of the privacy and integrity of many of the web services and applications upon which we as businesses and consumers depend. Vulnerabilities are identified in software all the time – the CVE List (http://cve.mitre.org), which is the standard reference, has named roughly 2,500 new vulnerabilities this year alone – and organisations will have processes in place to update their software and systems to address these.


 

Target breach

 

Written by Dr David Bailey, CTO, Cyber Security

Keeping your business competitive in today’s connected world requires collaboration with a wide range of organisations and individuals that sit outside of the traditional enterprise. This includes your remote working employees, supply chain, business partners and customers. This in itself isn’t news as businesses have long looked to provide access to their systems and information in order to help improve profitability and drive growth.


 

What did we learn from RSA Conference?

 

Written by: Events

BAE Systems Applied Intelligence joined a stellar array of other luminaries, visionaries, and experts at the RSA Conference 2014, which offered a multitude of perspectives and insights last week in San Francisco.


 

Taking control: Defence-grade cyber security for in-house analysts

 

Written by: David Garfield, Managing Director, Cyber Security

It has been widely acknowledged that enterprises today face a range of cyber adversaries intent on stealing high-value information or disrupting critical services in order to inflict damage or to gain unfair competitive advantage. Whilst traditional defences such as AV and firewalls remain important (particularly for traditional threats), it should be remembered that these have been proven relatively easy to circumvent by the determined cyber adversary.


 

Cyber threat group re-emerges: BAE Systems Detica detects re-emergence of activity by most prolific Chinese threat group

 

Written by: David Garfield, Managing Director, Cyber Security

One of the top cyber stories of 2013 has undoubtedly been the disclosure in February of alleged connections between a clandestine espionage group and a Chinese military unit in Shanghai. Whilst we can't comment on the validity of this connection, we can state that the espionage group in question went immediately quiet on the day of this revelation and that neither we nor our contacts have seen activity since.


 

Education, education, education: global centre for cyber security opened at the University of Oxford

 

Written by: David Garfield, Managing Director, Cyber Security

At Detica, we’ve long advocated the importance of education and of raising awareness around cyber threats, so it was encouraging to see the announcement that a global centre for cyber security will be opened at the University of Oxford. The centre will work to help countries develop comprehensive plans to deal with online threats and share best practice, and is an important addition to the UK’s growing cyber security operation. Having active research and academia more formally engaged in cyber security is a key component to developing an effective response to the malicious cyber threats that exist


 

Please note that the material set out herein has been created for discussion purposes only and does not necessarily reflect the position of BAE Systems Applied Intelligence on these subjects.

 
