Saturday, January 29, 2022

5 Key Reasons Why We Live In Such A Cyber Reactive Society

 


Often, I get asked by clients and prospects when Cybersecurity actually started.  This is a hard question to answer, because nobody really knows the answer to it.  Technically, you could say it was when the first mainframes came out in the 1960s and the first Internet, which was called the ARPANET, was born.

This allowed computers to be connected together, which posed the possibility of them getting hacked.  But I can say for sure that the first documented Phishing attack actually occurred in the late 1990s, when a threat variant was launched against AOL.

Since then, technology has obviously advanced greatly, and has come to the point where we can literally say to Siri or Cortana, “Please start the coffee maker”, and it will start.  But of course, things are going to advance much further than this as the years pass.

Another question I get asked from time to time is how did we get so bad at Cybersecurity, and how is it that the Cyberattacker has the upper hand now?  Well, there are many different reasons, and I will give the big one at the end of this blog.  But here are some of the reasons that have been cited so far:

1)     The Cyberattacker is very organized:

Honestly, one does not need to be wearing a hoodie, sitting in a dark room with a laptop in front of them, with an IQ of an exponential amount.  In other words, you really do not have to be that intelligent in order to launch a true Cyberattack.  The reason I say this is that now, anybody can go onto the Dark Web and hire a Cyberattacker agency to do the work for them.  Why Cyberattackers are so successful these days is that they are organized, and they plan well ahead of time as to how they will attack.  In fact, this is why the SolarWinds hack was so successful.  It took months of planning ahead of time, and the Cyberattacker took all the time that they needed to carefully study their victim, and find their weakest spot.  This has now become known as the “Corporatization of Cyberattacks.”

2)     Payloads are much more intelligent:

With the advent of Artificial Intelligence (AI) and Machine Learning (ML) tools now becoming widely available, malicious payloads, also called “Malware”, have become much more sophisticated in nature, and even more “intelligent”.  For example, most payloads can now sit in a dormant state in the IT/Network Infrastructure of the victim, going undetected for long periods of time (average is 90 days).  But they are not just simply sitting there.  They are actually collecting bits of information and data that they can use as leverage when it comes time for them to literally “explode on the scene”.  Of course by then, the damage has already been done, and the best anybody can do is try to mitigate any further damage as much as possible.

3)     Supply Chain Attacks:

By this, I don’t mean attacking the direct logistics and shipping lines that exist (but this is also a key target).  Rather, this is the instance where the Cyberattacker will use one weak spot to deploy the malicious payload, and from there, it can further spread itself in zombie-like fashion, affecting thousands of other devices.  This is now technically known as a “Supply Chain Attack”.  Once again, the SolarWinds example is the best one to use here.  Long story short, the company had a software package called Orion, which thousands of customers used.  All the Cyberattacker group had to do was merely insert the malware in just one weak spot of Orion, and from there, it spread itself to hundreds of other victims, which included branches of the US Federal Government, businesses in Corporate America, and even the nonprofit sector as well.  Watch for this trend to continue in 2022, but with the Critical Infrastructure being the primary target in this regard.  In fact, 97% of the businesses in the United Kingdom were victims of this kind of attack in 2021.

4)     The Remote Workforce:

Now that this has taken firm root for the long haul, it has opened a whole host of vulnerabilities for the Cyberattacker to penetrate into, though things are a lot better now than when everybody first started to work from home almost two years ago.  For example, there is the intermeshing of the corporate and home networks, employees using personal devices to do work related functions, Zoombombing, employees using public Wi-Fi in order to access the corporate network, etc.  But probably one of the biggest problems is that with such a dispersed workforce, the threat of Insider Attacks and Social Engineering has become very real now.  Thus, businesses now have to examine closely any external threats along with any suspicious behavior that could be originating from within.

My Thoughts On This:

As mentioned, Cyberattacks are only going to grow, they will never stop.  Just consider some of these stats for 2021:

*The total number of PII dataset breaches increased by 17%;

*Over 40 million healthcare records were stolen;

*The payouts for Ransomware were pegged at $590 million.

These numbers are only expected to get worse as time goes on.  So what is the big reason why Cybersecurity is so bad today?  Well, it’s simply the fact that we live in a reactive society.  We simply don’t think that we will ever become a victim, and we will only take steps to protect the business, customers, and employees after we have been hit with a security breach.

IMHO, this is how 9/11 happened.  The Presidential Administration at the time had the intelligence information and data to merit that something was going to happen, but they did not act on it in enough time.  Heck, even the hijackers that took control of the airplanes displayed very erratic behavior as they were taking flying lessons, but nobody reported them.

Unfortunately, this is the way our society works, and will do so for the long haul.  Humans are simply creatures of habit, and don’t want to change until something bad really does happen.
