Insider Intel: What It Takes to Beat Cyber Crime
Education and Careers We asked an industry expert to weigh in on the state of cyber security today, and to detail the different types of threats companies of all sizes currently face.
MP: What kind of cyberattacks do you see most often?
Dan Shugrue: Some of the most prevalent are combined attack vectors that take down websites, steal or manipulate data and last days if not weeks.
MP: What are the important trends organizations should know about?
DS: Three things. First, the attackers conducting today’s attacks are no longer just interested in glory or status. They are increasingly interested in making money. You can see this in attacks carried about by criminal groups such as DD4BC that perpetrate DDoS attacks to extort BitCoin ransoms. The availability of crypto-currencies such as bitcoin makes demands for payments easier, because crypto-currency is difficult to track. Second, it is increasingly easy for anybody to take part in attacks.
There are many attack tools available on the Internet to purchase, for rent or for hire. Third, there is increasing evidence of scale and sophistication in attacks that require state-level support. In other words, attacks today are part of warfare. That means that the resources behind them are far greater than any single criminal organization could muster.
"It is important to understand and accept that there are risks involved and to weigh those risks against the risk of not moving to the cloud."
MP: What advice can you give to organizations to protect themselves?
DS: Have a plan of action for what to do if and when you come under attack. Conduct attack drills. Know whom to call in advance. Write down whom to call when. Remember Dwight Eisenhower’s words: "In preparing for battle I have always found that plans are useless, but planning is indispensable." Decide if you need to pay a provider or if you can do it on your own.
Another way to prepare is to gather intelligence. You can do this easily today by reading up on trusted security sources like Bruce Schneier, the Akamai State of the Internet Security report, and the various Ponemon Institute reports. Assess your risk, and invest in security that is commensurate with your risk.
MP: What tips would you offer businesses that are still hesitant to trust in the cloud?
DS: Many companies are still worried about the risks of moving to security to the cloud. It is important to understand and accept that there are risks involved and to weigh those risks against the risk of not moving to the cloud. The question is really one of residual risk: DIY is appealing from an emotional perspective and is doable if you have the skills, time and budget.
At the same time cloud-based security vendors often have more security resources and expertise on staff; they work on this kind of thing full time, and there is an advantage to that. Perhaps an even more important advantage of cloud-based security providers is that they have visibility into attacks against other customers and can share the data and attacks they see across their customer base.