Good morning. The finger-pointing has started as companies and security vendors struggle to contend with endless nation-sponsored cyberattacks. Vendors are becoming defensive when systems they protect are successfully infiltrated or brought down by massive distributed denial of service attacks, consultants are blaming government agencies for a lack of transparency, and some lobbyists are accusing the federal government of trying to impose rigid cybersecurity standards on the private sector.
The Wall Street Journal revealed Thursday its computer systems had been infiltrated by Chinese hackers; the New York Times reported Wednesday its systems had been infiltrated by Chinese hackers (more details below). Symantec Corp. felt forced to defend itself Thursday, saying a single system can’t defend against a multiplicity of various attack vectors, after it was revealed its software didn’t prevent the Times intrusion. The direct costs of these attacks are staggering; according to security firm Solutionary Inc., it can cost firms $6,500 per hour to recover from a distributed denial of service attack, and recovery and mitigation from malware attacks costs an average of $3,000 per day; moreover, it said in an email to CIO Journal, antivirus protection fails 54% of the time.
While the U.S. government is trying to convince large businesses to accept a voluntary cybersecurity information sharing framework, consultants who specialize in helping organizations recover from a DDoS attack or intrusion say they’re not getting help from U.S. government agencies in a timely manner. Michael Friedberg, partner at Stroz Friedberg, says agency protocols concerning classified information are preventing it from sharing data that could help companies fend against an ever-growing wave of cyberattacks.
Read more: http://blogs.wsj.com/cio/2013/02/01/the-morning-download-cios-caught-in-cyberwar-crossfire/?mod=yahoo_hs