Every day we refer to those who commit cyber attacks as “hackers”. The image does not project an image of a a terrible criminal. In many ways “hacker” sounds like a cool title! Movies also made hackers super cool!
We also call them “black hats” and we call the hackers who work for the good guys as “white hats”. Actually, many hackers are commonly employed by top security firms and paid quite well for their skills to defend from cyber attacks.
In some ways, criminal hackers who basically lock up a user’s data for a ransom may be the lesser of the two evils. The big game is reserved for “Cyber Spies” according to Eric O’Neill, National Security Strategist at VMware Carbon Black.
Eric was the FBI agent that helped to arrest the first ever American spy, Robert Hanssen and sparked the birthplace of the US Counter Cyber Intelligence Agency. You may have seen the moving “Breaches”? That was based on his story. You can read his memories on his book called “Gray Day: My Undercover Mission to Expose America’s First Cyber Spy” or follow him on twitter @eoneill.
The bigger problem is when state actors (countries) or more organized cyber attackers become spies and mine for information. They infiltrate systems. They wait. They listen. They monitor. They record. They dig in. All done quietly like a true cloak and dagger operation. They do not seek or ask for a ransom. They are not interested in locking up data for just a quick payday. They are looking for business intelligence that they can leverage in much bigger ways.
Learning trade secrets. Learning about vulnerabilities of people that can be leveraged against them can be much more valuable than getting some bitcoins.
Just like the cold war days, today’s world is the theatre of the new cyber war games. Bad hackers no longer need to make copies of papers or hand over cash. They can do it all from the comfort of their home or just by being in proximity to an asset that they wish to infiltrate.
It can be as easy as being in a cafe sipping on a cappuccino while banging away on a laptop while breaking into someone’s computer. How many people have you seen in a cafe (before pandemic) working away at their computer? :o) Can you pick out the spy?
The point that Eric makes is that cyber spies can be anywhere and everywhere. They are on a mission to gain access to systems and mine whatever they want. With the unlimited resources of state-actors, penetrating any system is more likely than not.
With the recent attack on Fireeye and Solarwinds, it should emphasize that cyber spies are not easy to stop. Of course, that is just on top of all of the companies and ordinary people that get hit every day! With MSSPs, MSPs and VARs being a high-growth attack vector, we can only expect more hacking in the future. The pandemic and work from home has made the problem grow exponentially.
Eric says that this is already costing about $6 trillion per year and it would be equivalent in revenue to the 3rd largest country.
How important is protecting yourself and your clients? Does it only become important when you or your client get breached? It never will happen to you. Right? Maybe a good time to double down and assume that you do not have all of the gaps locked down. Rinse and repeat regularly.