“The main occurrences of cyber attack based thefts will continue to be from Financial institutes that have not raised their level of defense to one that is capable of bypassing simple attacks. Keeping that in mind, the focus is shifting towards valued information, far from the financial sector. There will be more attacks in Organization with production floors”, Said Amit Meltzer, a senior cyber defense advisor.
Meltzer spoke during an event of the CISO forum, Organized by People and Computers. The event was hosted by Avi Weisman, CEO of SEE Security.
Meltzer talked about different aspects and trends in the information security field: “The political climate is still friendly for cyber attacks – International legislation against cyber crimes made progress but isn’t perfect as of yet, and there are countries where the criminals can act from without much intrusions. Those countries are keeping a blind eye on such activities as long as they can use the criminals for espionage.”
He gave an interesting look on the face of current cyber attacks: “There is a development in so called ‘Dark Economy’. These criminal based transactions and infrastructure offer whoever wants to buy attack kits and develop advanced attack methods relatively fast, attacks that are going unnoticed.
He also said that “The attacks will intensify rapidly and in conjunction with the progress of the ‘internet of things’, a trend that makes the environment filled with threats. Those threats are not just IT-related and require a broader kind of thinking. There is a trickle down of cyber attack products from the high end market to a more larger audience, products that are being bought and sold in illegal websites in prices ranging from 100$ to 1,500$.
Meltzer spoke about the Israeli Market, revealing it has less value for high profile cyber criminals, for a few reasons: “Its size, making the motivation to attack Israel more nationalistic than criminal. Israel is also the backyard for many of the attacking organizations, and you don’t Defecate where you eat, sort of speak. The Hebrew language is a reason, but not a major one.”
“In order to avoid cyber attacks, there needs to be changes in the defensive processes, adding more technologies. The only way to counter attacks, is merging organizations centers into one center, with a joint working process. Also, without giving the security personnel access to critical processes, the latter will be hard to defend. The methodology is to protect the core assets instead of identifying the attacker. The business is more important that chasing the criminals”, concluded Meltzer.