USA TODAY International Edition
For cybersecurity pros, threat level at ‘ Code Red’
Many at annual RSA gathering say concerns are unprecedented
Cybersecurity threats are now a household worry, putting the thousands of professionals who flock to the annual RSA cybersecurity conference here in an unusually influential position.
“The threat level is now Code Red,” said Avivah Litan, a security analyst with Gartner, a consulting company. Familiar threats, such as hacking by groups backed by governments, are not new, but they’ve become more severe in the past year. Plus there are new ones, such as the use of botnets to take down Internet service for an entire region.
The events of the past year “have opened the public’s — and the government’s — eyes that the problem is bigger than they thought it was,” said Gus Coldebella, an attorney with Fish & Richardson in Washington, D. C., and former acting general counsel of the Department of Homeland Security under President George W. Bush.
The rhetoric around threat vectors and hacking is always strong at RSA, if only because most attendees are bent on convincing potential corporate customers that without their products and services designed to prevent or discover hacks, they are vulnerable to attack.
But many attending say concern at this year’s conference is unprecedented, between Russian involvement in events leading up to the presidential election, a botnet attack that took many websites on the East Coast offline for a day in October and an evergrowing rap sheet of ransomware attacks.
“It’s gone to the next level,” Litan said.
Three topics especially dominate this year’s conference: uNation- states as cyber at
tackers. The FBI and multiple other U. S. security agencies publicly accused Russia of attempting to influence the outcome of the 2016 presidential race by stealing data to discredit Democratic officials. Donald Trump, then Republican nominee, at times has doubted Russia’s involvement.
Discussions of possible nationstate hacking have long been a staple at computer security conferences, but they have tended to focus on things such as infrastructure hacks that might take down the power grid or hits on the banking system.
Russian meddling in the runup to the election was not on the short list of frequently predicted attacks.
“The crisis is not what we were given to expect,” said Bruce McConnell, a global vice presi- dent at the EastWest Institute, a non- partisan think tank, where he heads the cooperation in cyberspace initiative.
“We are in a fundamentally different environment,” McConnell said.
uBotnet wipeout. October’s attack on an East Coast Internet company knocked major companies offline for much of a day. It was the first known wide- scale use of a cyber weapon known as a botnet.
That botnet, called Mirai, was also the first major use of the massive zombification of millions of “Internet of Things,” or connected devices, in homes and businesses across the world. It represented a new and scary normal.
Multiple workshops at RSA will be devoted to the threat from both the botnet and IoT devices.
uRansomware. It’s becoming hugely popular among cybercriminals. Attacks grew 160 times year over year, from 4 million attack attempts in 2015 to 638 million in 2016, according to a report by security firm SonicWall.
“( Recent events) have opened the public’s — and the government’s — eyes that the problem is bigger than they thought it was.” Gus Coldebella, former acting general counsel of DHS