The Industrialization of Hacking Has Created a Wave of Threats That are Increasingly Sophisticated
The Industrial Revolution transformed four key aspects of society—innovation, transportation, communication and financial markets—changing the world forever. Although this important period in history began more than 200 years ago, there are surprising parallels we can draw today with respect to information technology and security. The dynamics at play in our increasingly complex IT environments and across the threat landscape place us squarely in an era referred to as the “Industrialization of Hacking.”
Just as the Industrial Revolution created faster, better and more efficient sectors of the economy, the Industrialization of Hacking is creating a faster, more effective and more efficient sector that profits from attacks on our IT infrastructure. This era is profoundly changing how we must protect our systems, driving us to think about how to future-proof our approach to IT security.
To begin with, solutions must be based on a foundation of visibility, control and protection. As a network defender you need to have a clear baseline of your environment in order to protect it. In other words, you cannot protect what you cannot see. And once you “see it,” then you can “control it” and “protect it.” Solutions should also offer flexibility to support evolving security needs. Being able to add protection as your IT environment and the threat landscape evolve lets you scale the solution to meet your needs without ripping and replacing existing systems.
To better understand why visibility, control and flexibility can offer effective long-term protection, let’s take a closer look at how the Industrialization of Hacking is affecting our IT and threat environments and our ability to protect our organizations.
Starting with innovation, the Industrial Revolution marked a period where innovation drove cheaper, easier and faster ways to produce textiles, cast iron and steel, transforming industries and creating new markets built on the proliferation of these materials. In parallel, hacking used to be a hobby. But as nefarious types realized there was value to be gained, the work has become more standardized, mechanized and process driven. Stealthy new methods to circumvent protection like port hopping, tunneling, droppers and botnets have made it easier, faster and cheaper for hackers to get in and increasingly difficult for defenders to see them and keep them out.
Transportation also underwent significant change during the Industrial Revolution. The advent of the steam engine resulted in more effective ways to transport raw materials and finished goods. Today, a breadth of new devices, infrastructure and networks including personal and mobile devices, the cloud/virtualization, wifi/mifi, 3G/4G and Bluetooth provide new, efficient mechanisms to transport malware and conduct attacks. And just as transportation connected the world and made it “smaller,” so too has technology. Groups of hackers can be found in any country and their targets are just as easily halfway around the world as across town. Controlling who and what has access to corporate networks seems almost insurmountable.
The Industrial Revolution was also a time when inventions such as the telegraph opened up communication as never before and set in motion a wave of change. Today, mobile devices enable instantaneous, anytime/anywhere connections. And while social media, mobile applications, web sites and web-enabled applications continuously create new ways for businesses and individuals to connect, they have also exposed individuals and organizations to new inbound and outbound security threats. Personal information like birthdates is now publicly accessible, and through social engineering, hackers regularly dupe users into unwittingly sharing sensitive or inappropriate information or clicking on malware that penetrates networks and can exfiltrate data over time. In our Bring-Your-Own-Device (BYOD) world, IT security administrators have little visibility or control over the devices and applications accessing the corporate network, and limited ability to keep pace with new threats.
During the Industrial Revolution, new financial markets (i.e., the creation of stock exchanges, more banks and industrial financiers) fueled the dramatic change. Likewise, today the organized exchange of exploits is lucrative and growing in strength. The end game used to be the notoriety that came with discovering and publicizing a new vulnerability exploit, but now there are significant financial incentives to be the only one who knows. We’ve gone from showboating to secrecy as the market for zero-day exploits has evolved and the motivation to launch new attacks has shifted to economic or political gain.
The Industrialization of Hacking has created a wave of threats that are increasingly sophisticated. We need to turn the tables and stay ahead of hackers with specialized security technologies designed to combat the latest threats. At the same time, in today’s economic reality, organizations need to be mindful of resource and budget constraints.
For advanced malware and targeted attacks, which are the most damaging in the latest threat cycle, solutions that provide protection before, during and after an attack have staying power. Protections must be capable of intelligent and continuous updates and able to take action to stop the inevitable outbreak. Look for security technologies that allow you to add capabilities such as:
Malware detection – the ability to identify files as malware at the point of entry, remediate according to your organization’s policies and learn and update detection information based on evolving threat intelligence.
Continuous file analysis – the ability to analyze detailed information on how the malware is behaving and propagating so you can understand how to contain the outbreak and block future attacks.
Retrospective remediation – the ability to alert on and quarantine files that were previously thought to be safe but are now identified as malicious according to the latest threat information.
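The continuous file analysis and retrospective remediation items above, shown as an added Python example (not code from this article or from any product): stored file sightings are re-checked against a later intelligence update, and each newly malicious file gets a quarantine action together with its first-seen host. The record fields, host names, paths and shortened hash placeholders are constructed sample data and assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Sighting:
    ts: str       # ISO-8601 UTC time the file was seen (sorts lexicographically)
    host: str
    path: str
    sha256: str   # shortened placeholder, not a real indicator
    verdict: str  # disposition assigned at the point of entry

# Constructed telemetry: what the sensors recorded when the files arrived.
SIGHTINGS = [
    Sighting("2024-01-10T09:40:00Z", "ws-022", "C:/Users/b/Desktop/invoice.pdf.exe", "aaaa1111", "clean"),
    Sighting("2024-01-10T09:02:00Z", "ws-014", "C:/Users/a/Downloads/invoice.pdf.exe", "aaaa1111", "clean"),
    Sighting("2024-01-10T10:15:00Z", "fs-001", "D:/share/tools/setup.msi", "bbbb2222", "clean"),
    Sighting("2024-01-11T08:00:00Z", "ws-031", "C:/Temp/dropper.bin", "cccc3333", "malicious"),
]

# Constructed intelligence update that arrives after the files were admitted.
INTEL_UPDATE = {"aaaa1111": "malicious", "bbbb2222": "clean"}

def retrospective_hits(sightings, intel):
    """Sightings admitted as non-malicious whose hash is now known to be malicious."""
    return [s for s in sightings
            if s.verdict != "malicious" and intel.get(s.sha256) == "malicious"]

def propagation(hits):
    """Group hits per hash in time order; the first entry is the earliest known host."""
    trail = {}
    for s in sorted(hits, key=lambda s: s.ts):
        trail.setdefault(s.sha256, []).append(s)
    return trail

def quarantine_plan(sightings, intel):
    """One quarantine action per affected host/path, with entry-point context."""
    plan = []
    for sha, seen in propagation(retrospective_hits(sightings, intel)).items():
        for s in seen:
            plan.append({"action": "quarantine", "host": s.host, "path": s.path,
                         "sha256": sha, "entry_host": seen[0].host,
                         "first_seen": seen[0].ts})
    return plan

if __name__ == "__main__":
    for step in quarantine_plan(SIGHTINGS, INTEL_UPDATE):
        print(step)
```

Files already blocked at entry (cccc3333) and files the update still rates clean (bbbb2222) produce no action; only the two hosts holding aaaa1111 are queued, with ws-014 reported as the earliest sighting.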
Technologies that recognize the need to fight against advanced malware and targeted attacks without compromising efficiency or overstretching the budget are the only way we can effectively protect ourselves against the Industrialization of Hacking.