英特尔：抵御网络袭击的关键在于“黄金一小时”

    一份最新报告显示，当企业遭受网络袭击时，他们有一个小时的窗口期发现此次攻击并进行应对。

    在周一上午发布的一份报告中，微芯片巨头英特尔声称，“黄金一小时”是企业在遭受网络袭击时避免遭受重大损失的最关键时期。但受到攻击的企业往往没有意识到他们遭到了危险，或是没能迅速采取行动阻挡黑客的侵袭。

    “黄金一小时”原本是一句医学行话，用来指创伤患者最有可能生存下来的窗口期。

    英特尔公司安全总经理克里斯•杨指出：“速度很重要。当遭到袭击时，有一个采取应对行为的‘黄金一小时’，这一小时要从探测到攻击迹象时开始计算。而对数据进行手动分析，则会拖慢我们在这一关键时段内的反应速度。”

    去年许多知名公司都遭到了严重的网络袭击。索尼、Anthem和Kmart等企业的计算机系统都曾被黑客侵袭，被盗走了内部文件或敏感客户信息。

    英特尔的报告主要基于对全球大型企业的700名IT和网络安全人士的调查。该报告主要阐释了为什么企业界会发生这么多严重的信息泄露事故，以及这些企业为何没有成功发现并做出应对。

    受访者们表示，单单是过去一年，他们的企业就平均进行了78次安全调查，这充分表明了黑客问题的严重性。其中28%的调查是围绕着定向袭击展开的，因为定向袭击不仅更加复杂，而且它们是针对一个特定目标发起的，或是旨在盗取特定类型的信息，比如涉密员工或客户的数据等。一般来说，大多数定向袭击都与恶意软件有关，也就是说用户的PC可能受到了病毒或间谍软件感染。

    去年，员工人数在5000人以上的企业平均遭遇了150次网络袭击事件，而员工人数在1000至4999人的企业平均遭受了41次网络袭击。员工人数在500至999人之间的小企业平均仅遭受了31次网络袭击。

    有些时候，企业之所以没有探测到一起正在发生的网络袭击，是因为企业使用的不同的网络安全工具之间形成了漏洞。一家企业的各个部门往往使用不同的安全工具，这就导致有时收集到的数据无法形成共享，因而难以实时判定网络袭击的发生。

    克里斯•杨表示，鉴于网络袭击频繁发生，各大企业的董事会已经普遍认识到了网络防御的重要性。许多企业高管通过新闻媒体了解到其他企业发生的网络袭击事件，从而对网络安全给予了更多的关注。

    克里斯•杨表示：“网络安全问题已经从机房走向了董事会，这对行业来说是件好事。越来越多的公司正在向网络安全与防护领域投入更多关注和预算。”（财富中文网）

    译者：朴成奎

    审校：任文科

    Businesses under a cyberattack have a one-hour window to detect the breach and contain it before they risk losing control, according to a new report.

    This all-important “golden hour” is the most critical period for companies to defend themselves without suffering huge losses, microchip giant Intel said in a study released early Monday morning. But all too often, victims fail to realize they are in danger or quick enough to stop the hackers.

    The term “golden hour” comes from medical jargon used by doctors to refer to the window in which trauma patient have the highest likelihood of survival.

    “Speed counts,” said Chris Young, a general manager for security with Intel INTC -0.63% . “There is a ‘golden hour’ for corrective action, and the clock starts the second an attack indicator is detected. Manually analyzing comprise data slows our response in those first critical minutes.”

    The findings come amid a proliferation of high-profile cyber attacks in the past year. Sony, Anthem and Kmart have all had their computer systems pilfered of internal documents or sensitive customer information.

    Intel’s report, based on a survey of 700 IT and security professionals at mid and large-sized organizations across the globe, is intended to shed light on why companies are seeing so many serious data breaches and the roadblocks keeping them from detecting and responding.

    Last year, the respondents said their organizations conducted an average of 78 security investigations, highlighting the huge scope of the hacking problem. Of those, 28% involved targeted attacks, which are more sophisticated because they are tailored to a specific victim or go after specific kinds of information like confidential employee or customer data. Generally, most of these targeted attacks are malware-related, meaning a user’s PC can be infected with virus or spyware.

    Last year, organizations with more than 5,000 employees experienced an average of 150 incidents while those with 1,000 to 4,999 employees had 41. Small organizations with 500 to 999 employees had an average of just 31 incidents during that period.

    One of the potential roadblocks to recognizing that an attack is taking place are bottlenecks between security tools used to detect intrusions. Because specific security covers different parts of a company, it’s hard to get a real-time picture of what’s happening during an attack because the collected data isn’t shared.

    Young says one of the biggest trends he’s seen is a recognition of the importance of cyber defenses at the board level. Top executives, well aware of hackings at other companies from news reports, are paying far more attention.

    “Security has gone from back room to the board room, and this is a very good thing for the industry,” Young said. “More companies are putting more focus and budget towards security and protection.”