By monitoring the threats as they become more dangerous over time, effective patches can be put in place. The Sasser worm targets a weakness in Microsoft Windows Local Security Authority Subsystem Service (LSASS.) At this point, the worm doesn't look to do serious damage--and no damage at all to those who have installed the relevant patch--but it could become more dangerous if more variants are created.
"Hackers will try a test bed first," said Cottingham. "They tweak the code. We watch these attacks bubble up. When they get it right, it can propagate in 10 minutes. These things can really go when they go." AT&T has more than 350 security analysts, including several PhD cryptographers, who monitor Internet traffic 24 hours a day, seven days a week. Cottingham noted that they examine protocols and not customer payloads, so there's no violation of privacy involved.
Cottingham noted another new security trend: more threats to enterprise networks are coming from within the enterprise than from without. Better defensive firewalls, filters, and systems are in place to block threats from entering through enterprise portals. Often, a traveling employee with a laptop will inadvertently introduce a virus or a worm to an enterprise network. The AT&T approach--forcing remote-access workstations to have anti-virus software in place or the machine will be blocked from the network--has been an effective way of dealing with many internal threats, Cottingham said.
What about a killer threat, a virus that some say could bring down the entire Internet?
"We haven't seen the big one," said Cottingham. "No one can predict that it will happen." If and when it comes, he said the security world will be ready for it. While he believes the Web won't ever be completely free from malicious cyber attacks, he said its security is improving all the time and is gaining on the cyber terrorists.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
