Monday, September 5, 2016

Permanent Cybercrime Targets

Today, one year ago...

Hacked cars, cyberwar, espionage and health care cybersecurity. Are we talking about the present time? No, we are talking about what happened one year ago. As we have been doing every Monday since August, we look back to see what happened a year ago at this time. On days like this September 5th, we can see that techniques are modernized year by year, but many of the major threats remain virtually identical: the money trail and the weakest link in the chain are 'responsible' for these understandable similarities between the past and the present.

If we search Google for the term 'Blue Termite', we come across an Advanced Persistent Threat (APT) whose roots go back to the last months of 2013. From that date on we can find examples of malware that Kaspersky Labs identified as part of a campaign against organizations in Japan. At the end of August 2015, the matter came back into the news because new and more sophisticated methods of attack had appeared. Among them was the infection of hundreds of websites with a Flash Player exploit, the same one that had been leaked in the well-known incident related to The Hacking Team.

In cyberwar, as in cyberlove, everything is permitted, and the rules are not written. The arrest of cybercriminals does not always mean good news, since it can lead to unflattering situations, as happened to the National Crime Agency in the UK, which was shaken by a Distributed Denial of Service (DDoS) attack. This was the very same agency that, some days before, had arrested six teenagers aged 15 to 18 who belonged to a hacking group called Lizard Squad and who could be behind some cyberattacks against a school, online videogames and companies such as Sony, Amazon and Microsoft.

And speaking of DDoS attacks… Can anyone imagine a hacking operation like this, but related to road traffic? Although this possibility sounds far-fetched today, a year ago researcher Jonathan Petit proved that it was possible to block a ‘smart’ car by applying the same philosophy as in a DDoS: make the vehicle imagine there are multiple obstacles around it. Virtual obstacles, of course, phantoms in the ‘imagination’ that the software is able to recreate.

That is why, because some threats have been coexisting with cyber reality for a year or more, we should always bear in mind the reports and studies produced in different fields, so that we can check, as time goes by, whether those threats are still present. This is the case of the report on health care cybersecurity made by KPMG consultants over a year ago. The study concludes with a series of recommendations: incorporate cybersecurity into the technology and network architecture via strategic design, build a well-prepared cybersecurity team and security operations center, increase cybersecurity awareness at all levels, and take a broad view when implementing cybersecurity.

Are these very ‘basic’ pieces of advice from the auditor? Yes, in the sense of ‘bases’: the bases of cybersecurity that must not be neglected when we see the same targets repeated year after year, even though the techniques change and become more sophisticated. Not everyone can have the skills of a cybercriminal, but anyone can help bring their misdeeds to an unsuccessful end.
