According this recent article in Foreign Affairs, the Pentagon has an updated and evolving cyber defense strategy:
To meet this growing threat, the Department of Defense developed a strategy for operating in cyberspace that has five pillars: treating cyberspace as an operational domain, like land, air, sea, and outer space; employing active defenses to stop malicious code before it affects our networks; protecting commercial networks that operate the critical infrastructure that our military relies upon; joining with allies to mount a collective cyberdefense; and mobilizing industry to redesign network technology with security in mind. (The strategy is available at www.defense.gov/cyber.)
The article also mentions that private networks are also susceptible to attack as well, but that measures have been taken to counter those forms of digital aggression as well:
…One year later, U.S. military networks are better defended, the U.S. Cyber Command is fully operational, and we have made progress working with private industry to secure critical infrastructure.
Victims in today’s cyberwar aren’t just the military targets, as numerous well-known private sector business, like Google, Sony’s Playstation, and Citibank, have also been targeted.
What’s an ecommerce business to do when the hackers start drilling into the gates? The real challenge is that there are numerous ways in and out of the castle. Hackers don’t just have the front door in their cross-hairs, but analyze targets from various planes of attack, which may include: social media, ecommerce platforms, blogs, and even email.
In several earlier blogs we’ve discussed preventative steps merchants should take when they are using the previously mentioned channels of communication and commerce:
1) How to Thwart Firesheep’s Social Media Spies–Critical for Coffee-Shop WiFi Users
2) Hack Protection Tips For WordPress Beginners
3) Yahoo! Store Platform, a Safe Choice for Ecommerce Merchants?
When it comes to protecting against email hacks and attacks, consider following these medical facility best practices that Stefan Magura, CEO of Blue Ridge Bone & Joint Clinic has shared with us:
We have a few different things implemented to prevent malware, and hackers from entering our network. We use a securely configured hardware firewall, enterprise level anti-virus/spyware, all of our email is scanned for malware prior to being delivered to us, and we have an intrusion detection system in place.
While there are no foolproof methods of sealing hackers out of your systems, it’s always best to install up to date anti-virus, anti-spyware, and firewall programs, while also keeping a strict policy of employee internet / digital systems control in place.
To report internet-related, cyber-crimes, visit this U.S. Dept. of Justice government website.
Feel free to share your security tips and suggestions by commenting on this blog.