Blog

Calling wolf: distinguishing technological glitches from legitimate cyberattacks

BY eSentire

July 10, 2015 | 2 MINS READ

Want to learn more on how to achieve Cyber Resilience?

TALK TO AN EXPERT

The reported outages this week at the New York Stock Exchange (NYSE), the Wall Street Journal and United Airlines again bring to the light the central role technology plays in our interconnected world. Our dependency on the ability to seamlessly trade stock online or book an airline ticket has become the same as the expectation associated from any modern day convenience, like instant hydro or clean water.

The outages experienced by NYSE, the Wall Street Journal and United Airlines were coincidental technical glitches. Given the rash of big-brand cyberattacks experienced in recent months, many were quick to assume that these glitches were associated with a cyberattack. At eSentire, we’ve been repeatedly asked if these cases could be the result of a subtle cyber breach.

An important consideration here is the distinct difference between a ‘glitch’ and a cyberattack.

Glitches or technical outages refer to a system failure resulting in the downtime of its core service or primary function. This can result from equipment failures, improperly executed maintenance or weaknesses in software code. Cyberattacks on the other hand, refer to offensive activities with simple objectives in mind: they are designed to steal, alter or destroy data.

Our nation's response to this week’s outages showed a crack in our collective psyche. It’s like we have cultural Post Traumatic Stress Disorder (PTSD), so raw that even a benign technical outage can trigger fear that cyber criminals have struck again. Our heightened awareness of cybercrime and data breaches, combined with our dependency on technological interconnectedness, has led to a new cyber-psychological condition.

Cybersecurity must be an ever-present consideration. In this, or any other case that may indicate a cyberattack, it’s critical that a company has a documented cybersecurity program that includes an Incident Response (IR) plan. This IR Plan is the playbook used to determine the extent of a breach (if a breach did in fact occur), and lays out the procedures to seal the breach, quantify what data has been stolen, and how to report the breach to investors, clients and law enforcement agencies.

This week we all jumped at the mere thought of a cyberattack and responded by asking the difficult questions. In return, we received calming responses. I for one applaud this reaction. It’s important to show a healthy dose of skepticism. Collectively we need to face the threat head on, rather than turn our backs and secretly feel grateful that we weren’t the victim.

eSentire
eSentire

eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit: www.esentire.com and follow @eSentire.

Read the Latest from eSentire