Hacking doesn’t happen only to other people.
While last spring’s notorious Sony hack may have implied that the biggest targets are the most vulnerable, any organization can be a victim — and, perhaps surprisingly, an unwitting perpetrator.
I’m talking to you, IT infrastructure companies. As a class of business, IT providers may be hip to risk as a matter of course, but they aren’t exempt from the rules of the game and, given their special position in the information security ecosystem, attacks directed their way can be enormously consequential.
Deploying appropriate security protections, with technologies such as clustered firewalls and intrusion detection and prevention systems (IDPS), doesn’t come cheap. The fact is, many of the smaller players in the hosting business can’t and don’t make that investment.
At the other end of the hosting spectrum, one of the industry’s largest providers was recently attacking a mid-range player from thousands of servers each night — and the big provider’s security detail couldn’t even see the ongoing attack emanating from its own environment. Which raises the really big question: if they couldn’t discern the attacks going out, can they see them coming in?