It was just
yesterday that I was writing a tentative outline for a possible course on Continuing
Education (CE), at a nearby Junior College.
The proposed topic is on Penetration Testing, and I even wrote a blurb
on the outline as to how Pen Testers are actually “Ethical Hackers”. If you are new to Cybersecurity, you may be wondering,
“OK, what is exactly hacking that is Ethical?”
Well, it does exist, and here is a technical definition for it:
“Ethical
hacking is the use of hacking techniques by friendly parties in an
attempt to uncover, understand and fix security vulnerabilities in a network or
computer system.”
(SOURCE: https://www.ibm.com/topics/ethical-hacking)
So as you can
see from the above definition, the operative word is “friendly”. In the world of Penetration Testing, the guys
that do the actual hacking belong to what is known as the “Red Team”. But they can only carry out their planned
hacks with explicit and written consent for the client that they are doing it
for. But this now brings up another key
point.
Even with the
traditional “bad guy” hackers, there used to evolve a code of “Ethics” as
well. Hacking has been around since the 1960s,
and since then, a certain code of cadence was created. Examples of this include the following:
*Any entity
that involved healthcare, and the delivery of life saving services, were completely
of limits. This means primarily hospitals
and ERS.
*Critical Infrastructure
could not be touched. If it were to be,
it would be considered an act of war by the impacted country, with the repercussions
unthinkable (perhaps even a nuclear war).
But it is important to keep in mind here that Cyberattackers are pushing
the envelope as far as they can, with the prime example being that of the Colonial
Gas Pipeline attack. Although the actual
pipeline was not affected, it did affect the financial markets and the supply
chain in a cascading effect.
More details
on this can be seen at the link below:
*Individuals and
businesses that were going to become a victim could only be hit once, and not anymore.
*The COVID-19
pandemic also ushered in a new era of “bad guy” hacker Ethics, especially in the
way of not targeting testing places and those entities providing the much-needed
vaccinations.
But after the
pandemic eroded away (it is still technically here, though), the rules of “Ethical
Hacking” by the Cyberattacker has changed greatly. This has been brought up a
lot by the covertness, stealthiness, and sophistication of Ransomware
attacks. For example, we are not just
seeing computers being locked up and files encrypted, we are now seeing it in
its worst form ever. This includes the selling
of PII datasets on the Dark Web and conducting Extortion like Attacks.
A lot of the disappearance
of a kind of good gestures in “bad guy” hacking has been catalyzed by two main
factors:
1)
The
increased interconnectivity with just about everything (primarily brought on by
the IoT).
2)
The
advent of Generative AI.
In my own
view, it is the latter which is the dominant force here. For example, a Cyberattacker can easily
create the source code for crafting a piece of malicious payload that can be
deployed to launch a Supply Chain Attack (like the Solar Winds hack), or even
use it to create a Phishing Email that it is almost impossible to tell the
difference between a real one a fake one.
Another unfortunate
catalyst driving this new trend is the fact that many of the hackers are now
getting much younger in age. In fact,
with so much that is available online and on the Dark Web, even a novice still in
junior high school and rent a service called “Ransomware as a Service”, and have
a third party launch a devastating attack for literally pennies on the dollar.
Also in the hacking
circles, it has even become a badge of honor to attack high value targets, such
as companies that are in the Fortune 500.
In fact, the Cyberattackers in this regard have become so brazen that
will even leverage the media to their own benefit in order to fully advertise
what they have done. In a horrible
sense, this is how a Cyberattacker adds to their “resume”. More details on this can be seen at the link
below:
https://www.darkreading.com/threat-intelligence/ransomware-gangs-pr-charm-offensive-pressure-victims
But this has
also led to the take down of the more traditional Ransomware groups, such as “Black
Cat”. Heck, even Cyberattackers are snitching
on their own brand so that they can remain at the top of the hacking list, with
the “best reputation” that is possible.
More information about this can be found at the link below:
https://www.darkreading.com/cybersecurity-operations/feds-snarl-alphv-blackcat-ransomware-operation
My
Thoughts On This:
Back in the
day, hacking simply meant that somebody would just break into a computer system
just to see what it contained, it was just a “curiosity” based attack. But as it has been described in this blog,
this is no longer the case. Going into the
future, just simply expect the worst.
Things will not get any better.
The more that you try to fortify your systems, the more the Cyberattacker
is going to pound on your door.
For more information
on what is expected in the way of hacks for 2024, click on the link below:
No comments:
Post a Comment