According to a recent report, German federal law enforcement computer networks were compromised for nearly a year before the intrusion was noticed. The attackers, who call themselves the “No Name Crew”, used that time to gather tremendous amounts of privileged information on government and law enforcement operations.
Many companies are still using the “hard shell, chewy center” model of computer security – lock down the perimeter so that nobody can get through. As the French discovered with the Maginot Line, that’s not a valid means of defense. Any network of noticeable size has compromised machines on it; that’s just a fact of life these days. Do you have the internal controls in place to find and limit the access of these machines?