Ward off Chinese and Russian Cyber Spies with Log Management Alerts

In the first public accusation from U.S. officials, the Office of the National Counterintelligence Executive published a report warning the U.S. to expect more cyber espionage from Russia and China. Why these two countries?

The report says that China is one of the world’s “most active and persistent perpetrators of economic espionage” (you might recall LogLogic was interviewed regarding the Shady RAT incident in August). In the past, they have not hesitated to use people with insider access to corporate America. As Russia tries to diversify its economy, Russian intelligence is collecting economic information from the U.S. to try and gain an advantage.

An interesting bit of irony in the report is that cyber-spying is expected to increase because of U.S. consumers. As more people use their mobile devices to access and store sensitive information, cyber spies have more vulnerabilities to exploit. What’s worse, without a solution in place to monitor network activity in real time, it can be very difficult to trace the origin of a cyber attack.

The report recommends that organizations protect themselves by encrypting information, using multifactor authentication, and conducting real-time monitoring of networks. One way to do this last part—listen to your logs. It’s not enough to save your log files; you need to be able to search them when something goes wrong. You should also set up a series of alerts to be notified in real-time of events like intrusions, outages and the occasional cyber spy lingering round your network. And that’s where we can help.