Articles

Context is keen to share its ideas and knowledge with clients and those interested in Information Security whilst reporting on news and current developments in the field.

Context Release New Whitepaper: Crouching Tiger, Hidden Dragon, Stolen Data

There have been many media reports in recent years about cyber attacks on governments and a variety of private sector companies. The rather ambiguous term ‘Advanced Persistent Threat’ (‘APT’) is widely used to describe any attack which appears to have compromised computers in these companies or organisations, regardless of the source or purpose of the attack. We prefer simply to call them ‘targeted attacks’ and leave marketing terms to one side. This paper is not concerned with the technical aspects of targeted attacks, but seeks instead to inform readers about the full scope and nature of these attacks, the reasons why they are launched and the people and policies behind their design and execution.

Many reports of attacks inevitably end by asking ‘Who did it?’ But the answer is rarely straightforward. Western Governments usually allege the attacks come from ‘Asia’ or the ‘Far East’, rather than risk offending the Chinese government. Large corporations are similarly vague in their descriptions of these events, for fear of harming lucrative business arrangements. Security ‘experts’ always caution that IP addresses can be used as hop points through which attackers disguise their true origins, so perhaps this could be a case of other countries trying to make it look as if China was the source. While true, if something looks, walks and quacks like a duck, it is almost always a duck.

We will not be so coy. This paper will look directly at the most prolific sponsor of computer network exploitation attacks: China. We know other countries have implemented similar programs for attacking computer networks and have seen many examples of these in our work over the last few years, but our focus here is China.

We will examine various aspects of these attacks, including the nature of the information targeted and the types of organisations threatened. We will consider the effort involved in planning, executing and managing these attacks; and assess the information products they generate, in order to understand the scale of human involvement and the government policies which sponsor information theft via targeted attacks. With all this in mind we will then postulate on where the stolen information goes and how it may be used.

Download the whitepaper here

Context Information Security Ltd achieves certification to ISO/IEC 27001:2005

In September 2010 Context completed and were certified as being compliant according to the ISO/IEC 27001:2005 standard for Information Technology and Information Security Management by BSI. Context were keen to find a way to measure ourselves against industry best practise in order to demonstrate and assure both ourselves and our clients that we are safeguarding sensitive data and confidentiality.

In this article Tim Erridge discusses the ISO/IEC 27001 standard and the benefits it has had on Context Information Security Limited, as well as its clients.

The Deadly Potential of APT

APT or Advanced Persistent Threat, are cyber attacks which create a threat to the economic and national welfare of a country. In 2010 the UK government announced cyber attacks as being one of the three most serious threats which the country faces, alongside terrorism and natural disasters. APT attacks usually target large private sector companies or government organisations, carrying out unlimited methods of attack and usually over extended periods of time to find weaknesses.

In this article, Context’s CEO Mark Raeburn outlines possible types of APT attacks and advises on some important steps which any organisation must take to defend itself against such threats.