By Manish Gupta, SVP-Products, FireEye, Inc
A walk on the moon is almost a walk in the park compared to combatting today's cyber criminals. The reason? Humans. Within the entire IT industry, cyber security is the single component where there is a human adversary committing the crime on the other end. Operating systems, applications, and network stack have a finite functionality, but cyber crime has the unpredictable element of the human mind behind it. And as it evolves, the onus is on us as a security industry to keep pace.
That's a challenge, for sure. Mankind has been around for thousands of years and we haven't stopped what I call analog crime - a simple bank robbery, for instance, where the thief physically goes into a bank to do the deed. Now we've moved into a digital world where thieves can sit in their pajamas, go online anonymously, and steal what they want from thousands of miles away-all with little risk of repercussions.
The world's supply chain is increasingly interconnected. While that's great from an efficiency standpoint, it has different implications when it comes to cyber security. If you connect a new device on the Internet, within ten minutes it is compromised. That kind of access puts a whole different spin on how we do business, and puts pressure on organizations to ramp up their security measures. The security of an ecosystem is as good as the security of the weakest link.
And that's a struggle for many organizations. Take a 2,000-person manufacturing company. They're likely not sophisticated, security-wise. Even if they find the funds to pay for the technology, it's a challenge for them to hire the staff to manage it. Outsourcing is an ideal solution - it gives them the technology, experience and intelligence to keep pace with criminals.
But larger companies are at risk, too. As we've seen so often in the past couple of years, credit card breaches and sensitive information can be accessed in even the biggest retailers and some of the world's top governments. It's not like these organizations haven't spent money on security - they're just not looking for the kinds of attacks that are being launched. And therein lies the difficulty.
One Size Doesn't Fit All
The kinds of attacks we see are varied, which makes preventing breaches that much more challenging. It's tough to defend against an attacker you can't see, and whose motivation can be so wildly unpredictable.
We see plenty of "script kiddies" - people who aren't very savvy but they go online and buy sophisticated malware to steal someone's personal banking information for financial gain.
There are -smash-and-grab- kinds of attacks, like we saw in 2014, where criminals can walk away with 40 million credit card numbers and sell them online for $15 a piece. That adds up to a small fortune and is difficult to trace.
Then we have the shameful attacks that are intended to shame the victim and teach them a lesson (recently seen in a large media company). We also see this playing out in the website defacing and hijacking of social media assets. E.g., the ISIS group recently took control of the U.S. military's Twitter account. This type of attack is the hardest to deal with, because the sole motivation is to cause as much damage as possible.
And then, of course, there are the sophisticated nation-state funded organizations that are after intellectual property and information that can benefit the sponsor country. From blueprints for a new jet fighter to political secrets, government-funded attacks raise the stakes, and the potential costs, even higher.
With so many types of criminals and crimes, organizations likely feel helpless to defend against this daring new world of cyber crime. Even with a $35 billion cyber security market in place, humans with nefarious intent can hack into networks and help themselves. And everyone's a potential victim no matter where you're located or what industry you're in, it's safe to assume someone can find something of value in your network which can ultimately mean the loss of millions of dollars.
Fortunately, researchers and analysts are working diligently to adapt methods that can reduce the chances of a successful attack.
Good Things Come in Threes
Organizations today need a three-pronged approach to dealing with the evolving world of network security. Technology is one part of the solution: a security platform designed to detect and prevent these advanced attacks is a crucial cornerstone to keeping criminals at bay.
Intelligence is another pillar. Identifying the attacker - who is attacking you and who they attacked in the past - and their motivation goes a long way towards establishing a defensive posture that can keep your company safer.
And expertise can't be overlooked. Hackers of today are sophisticated, well funded, and mission oriented. To deal with such adversaries, we should leverage the experts who are experienced at dealing with today's hackers. There is too much at risk.
When you put these three fundamentals together - technology, intelligence, and expertise, you've built a strong foundation against a formidable - and often unidentified - enemy.
The Bottom Line
The human element of this daring new cyber world makes crime less predictable and more dangerous. There are still too many organizations with lax security strategies offering easy targets to today's hackers. It's incumbent upon us to adapt our defensive measures to level the playing field against a powerful adversary. Winning this war may seem like a pipe dream, but several decades ago, so did putting a man on the moon. We just have to aim a little higher to get there.