THE DIF­FER­ENT FACES OF CY­BER-THREATS

Sy­man­tec: Fu­ture of Cy­ber Se­cu­rity Will Be Chal­leng­ing

HWM (Malaysia) - - SMB - SPECIAL - by John Law

Cy­ber se­cu­rity – It’s an is­sue that is no longer rel­e­gated to only the do­main of the desk­top and note­book PCs. Th­ese days, hack­ers and in­fil­tra­tors have al­ready started at­tack­ing the av­enue of smart devices, and with good rea­son. In to­day’s world, ev­ery elec­tronic devices that you hold – your per­sonal smart­phone, your tablet or smart­watch, in your car or even your house – is in some way or an­other a com­puter, or a de­vice that is con­nected and con­trolled di­rectly by a com­puter.

But how did it all start, and just how far has cy­ber se­cu­rity and the threat of in­sid­i­ous and ma­li­cious hack­ers evolved over the years?

The Per­ils of the Cy­berspace

The an­swer to that ques­tion, dear read­ers, is very ex­ten­sive. De­pend­ing on the sever­ity of the act and com­mit­ment of the hacker, a cy­ber-threat could range from any­thing as sim­ple as data theft from one of your per­sonal elec­tronic devices, to the de­fac­ing of a par­tic­u­lar web­site that be­longs to a cer­tain com­pany, or for some­thing far more ex­treme, the de­struc­tion of an en­ergy in­fra­struc­ture via a re­mote ex­plo­sion.

At a re­cent trip to Sin­ga­pore, we had the chance to visit Sy­man­tec’s new Se­cu­rity Op­er­a­tions Com­mand (SOC) Cen­ter that was es­tab­lished for the re­gion. Dur­ing that time, we got to learn a bit more about how and when cy­ber-threats and cy­ber se­cu­rity be­gan emerg­ing, and when they started be­com­ing both a rel­e­vant and es­sen­tial part of our daily rou­tine.

We can cat­e­go­rize the time­line of cy­ber-threats through five dif­fer­ent eras, with each era sum­mar­ily de­scrib­ing the length and depth of the hack­ers.

• The Era of Dis­cov­ery (1986 – 1991) • The Era of Tran­si­tion (1992 - 1998) • The Era of Fame and Glory (1999 – 2005) • The Era of Mass Cy­ber Crime (2006 - 2012) • The Era of In­tel­li­gence (2014 – present)

Just as life traces its roots back to the pri­mor­dial soup, the era that hack­ers first be­came ac­tive be­gan dur­ing the Era of Dis­cov­ery, which saw the rise of in­di­vid­u­als who merely hacked into sys­tems sim­ply for the sake of hack­ing.

This rig­or­ous regime of try­ing to break the sys­tem even­tu­ally led to the Tran­si­tion Era, and by this time, the hack­ers had a la­bel: Script Kid­dies. Armed with a wealth of ex­pe­ri­ence and a bet­ter un­der­stand­ing of cy­ber se­cu­rity, it was also Mi­crosoft’s bad luck that the com­pany would be the pri­mary tar­get of th­ese hard­ened key­board war­riors.

But the eras where hacker re­ally started to get se­ri­ous were the Era of Mass Cy­ber Crime and the cur­rent Era of In­tel­li­gence. The Era of Mass Cy­ber Crime was when hack­ers started en­gag­ing in crim­i­nal ac­tiv­i­ties: break­ing into per­sonal files or govern­ment-run in­fra­struc­tures, steal­ing in­for­ma­tion that in turn would be sold to the high­est bid­der for unimag­in­able sums of money. At this point of time, the mes­sage of the hack­ers was clear: No one is safe, not even in cy­berspace. This mes­sage was com­pounded even fur­ther when the Era of In­tel­li­gence came knock­ing at the doorsteps of many com­pa­nies, both pri­vate and govern­ment-funded. At this stage, the hack­ers were get­ting cre­ative in the way they made money. Rather than steal the in­for­ma­tion and sell it, to­day’s brand of hack­ers have found ways to ac­tu­ally hold your data hostage, al­low­ing them to threaten the hostage with the risk of pub­lic ex­po­sure of their data, un­less they pay them the amount de­manded (usu­ally in the crypto-cur­rency Bit­coin).

Tak­ing Up Arms

Need­less to say, by the time the Era of Mass Cy­ber Crime had ar­rived, coun­tries all over the world be­gan cre­at­ing new divi­sions and de­part­ments in the mil­i­tary that spe­cial­ized in cy­ber warfare. Out­side of the mil­i­tary, cy­ber se­cu­rity com­pa­nies such as Sy­man­tec are con­tin­u­ously de­vel­op­ing new ways of deal­ing with cy­ber-threats.

But therein lies a prob­lem: Sy­man­tec men­tioned that the num­ber of hack­ers around the world who are re­spon­si­ble for some of the most se­ri­ous cy­ber-at­tacks out­num­ber the num­ber of de­fend­ing hack­ers (more specif­i­cally, Sy­man­tec’s se­cu­rity oper­a­tors) by a ra­tio of 4:1. That’s an alarm­ing ra­tio of at­tack­ers to the de­fend­ers, and Sy­man­tec knows that. But think about this: the prob­lem can eas­ily be solved if Sy­man­tec ac­tu­ally man­ages to pluck some of the hack­ers from the at­tacker’s side over theirs. By that logic, the ra­tio would even­tu­ally bal­ance out.

“Even if we were to do that, I per­son­ally wouldn’t, and it all boils down to a trust is­sue,” Peter Sparkes, Se­nior Di­rec­tor, Man­aged Se­cu­rity Ser­vices, APJ, Sy­man­tec, and the per­son in charge of run­ning Sy­man­tec’s new SOC in Sin­ga­pore, told us in an in­ter­view.

“We know that it would be eas­ier to pick th­ese gray hat and black hat hack­ers from the en­emy’s side, but the prob­lem is: who’s to say that th­ese same hack­ers won’t sud­denly turn their backs on us or even worse, only came to our fa­cil­i­ties just so that they could con­duct their own brand of espionage? Re­mem­ber, it’s al­ways eas­ier to at­tack, but it’s al­ways harder to de­fend.” Sparkes added.

The new Sy­man­tec SOC in Sin­ga­pore was opened in Novem­ber last year, and will serve as one of the main hubs for the com­pany’s se­cu­rity op­er­a­tions.

The reach of hack­ers in to­day’s cy­ber-era is alarm­ing.

The many dif­fer­ent faces of cy­ber-threats, and the hack­ers who con­duct them.

Hack­ers are now re­sort­ing to ran­somware and cryp­to­ware to black­mail po­ten­tial vic­tims.

Newspapers in English

Newspapers from Malaysia

© PressReader. All rights reserved.