Anderson Kerry
J Bus Contin Emer Plan. 2017 Jun 1;10(4):298-307.
Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.