What Lessons Are Hackers Offering IT Security Pros?
Maybe it’s time to stop fearing hackers and start learning from them. Businesses that do that will have a big advantage when it comes to securing their own networks.
So argued Keren Elazari, cybersecurity expert and self-described “friendly” hacker, at the CDW Protect SummIT in Philadelphia. Elazari is an active member of Security BSides, a global network of security events started by hackers and security researchers. In 2016, Elazari founded the organization’s chapter in Tel Aviv, Israel, where organizers held an event just a few weeks ago.
“The reason I hold these events is I think hackers hold the key to the future,” Elazari said, speaking to more than 200 security professionals from around the U.S. “Sometimes, it’s up to us hackers to expose a threat so that we can spark a solution.”
But while Elazari is a noble hacker and draws inspiration from those like her, she’s under no misconceptions that most threat actors are not out to change the world for the better. Even so, it’s important for organizations to listen to what hackers, both good and bad, are saying — because they have many lessons to offer.
Cybersecurity Is About More Than Protecting Information
The first lesson is that modern cybersecurity is about a lot more than just protecting passwords or individual assets within a network. Given the current stakes, she says, it’s really about protecting our very way of life.
Malicious hackers are “stealing our access to information systems that manage our entire lives,” she says.
It’s time for IT security professionals to start acting like they know that.
The ransomware attack that hit the city of Baltimore in May is a perfect example. Hackers seized thousands of the city’s computers, locked citizens out of the services they count on and demanded $100,000 in bitcoin to restore access. The city refused to pay — and its system remained down for weeks.
“Imagine you just bought a house and you have outstanding bills to pay to the city, or you have something really urgent going on with your building, and you can’t get any help with that because all the city’s systems are down,” said Elazari.
When Norwegian aluminum company Norsk Hydro suffered a ransomware attack this spring, the company had to switch to manual processes that slowed production to a crawl and affected the global price of aluminum. And in 2017, roughly 20,000 medical appointments were canceled in the United Kingdom when its National Health Service was attacked.
“How would that make you feel about the systems in which you entrust your whole life?” Elazari said. It’s time for security professionals to appreciate that what malicious hackers are really after is the very trust that people place in modern life, she said.
Hackers Are Motivated by More Than Just Money
Elazari noted that money is only one of several motivations for today’s hackers. Many are driven by politics, and some are supported by nation-states that are seeking to disrupt international adversaries.
Businesses are often caught up in cyberattacks that nation-states are conducting around the world, such as those that were affected by the NotPetya attack in 2016 and 2017, a global attack that affected dozens of companies, from shipper Maersk to chocolate maker Mondelez.
In the latter case, Mondelez is suing the issuer of its cybersecurity insurance policy, which has refused to pay out its $100 million claim on the grounds that the attack was an act of war. The insurer cited a White House statement that NotPetya was part of the “Kremlin's ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia's involvement in the ongoing conflict.”
The Growth of Devices Makes Life Easier for Hackers
Next, Elazari noted that thanks to the explosion of web-connected endpoints, hackers have a virtually unlimited number of things to attack. Indeed, a remarkable milestone was reached in 2018, when the number of devices in the world surpassed the number of living humans.
Anything that’s connected to the internet can be attacked, and endpoints are often valuable to hackers because they serve as an entry point to the rest of the network.
“Whether we like it or not, we need more security thinking, strategy and design when it comes to these devices,” she said.
She added that automation is making it possible for hackers to develop hacks at scale, meaning they will be able to draw up bigger attacks against a broader array of victims more easily.
Check out our event page for more articles and videos from the CDW Protect SummIT.