IT chiefs urged to tread carefully when uncovering hacking attacks

Security firm BAE Systems Detica has advised business the most important step on discovering a cyber attack is not to let the crooks know they have been discovered.

BAE Systems Detica head of cyber security services, Tom Burton, warned that companies' strategies for dealing with cyber attacks are giving hackers an advantage because they can shift tactics was uncovered.

"We've found that almost as soon as we take action against a threat the attackers change their behaviour. It can cause them to accelerate their operations to finish their mission before you kick them out," Burton told V3.

"On some occasions we've also seen that as soon as we take action, they have implemented another far more sophisticated piece of technology because they realise they're dealing with a more sophisticated target."

As such Burton said it was important to take a more considered approach to cyber security companies to be able to deal with the problem as a whole.

"One of the first pieces of advice we give our customers when we detect a threat is actually quite counter-intuitive. We tell them don't do anything, whatever you do, don't do anything overt at the moment," said Burton.

"What you need to do is understand every single aspect of the attack, how extensive it is and what other channels there are we may not have visibility of. Otherwise it is just whack-a-mole."

Cyber security director at BAE Systems Detica, Rich Wilding echoed this by saying that even if the company successfully removes the individual threat, the attackers will likely return.

"If you just deal with the threat then leave, they don't go ‘ah, you got me' and then leave. No, they immediately come back. If you just fix the problem and think you're going to be ok, you're not as the reason for wanting to attack you doesn't go away," said Wilding.