The computer revolution shaped our world and transformed a few key aspects of current society: transportation, communication and business will never be the same. This important era began more than 40 years ago but some things didn’t change. The dynamics in our IT environments and across the threat world place us in an era referred to as the “Globalization of Hacking.”
The globalization of hacking is about creating a faster, more effective and more efficient sector profiting from attacks on our IT infrastructure, similar to how the Industrial Revolution created faster, better and more efficient sectors of the economy. This era is changing how we must protect our systems and how we think about future-proofing our approach to security.
The solutions must be based on visibility, control and protection. As a whitehat you need to have a clear vision of your environment in order to protect it: if you can’t see the field, you can’t take part in the fight. You cannot protect what you cannot see. As soon as you see it, you can control it and protect it; that's how it works. Solutions should also offer flexibility because security evolves fast, crazy fast. You must be able to add protection as your IT environment and the threat evolve, so that you can scale the solution to meet your needs and budget without replacing the existing systems.
To understand why vision, control and flexibility can offer effective long-term protection, we will take a closer look at how the Globalization of Hacking is affecting the equipment and threat environments, and of course our ability to protect our organizations and businesses.
The Industrial Revolution marked a period where innovation became cheaper and easier, and created faster ways to produce several different products like textiles, cast iron and steel. Transforming industries and creating a new market built on these materials was crucial. In parallel, hacking used to be a hobby, something you did for fun. But as evil guys realized there was value to be gained, the work became more standardized and based on process. Several new stealth methods to bypass protection, like port jumping/humping/hopping, tunneling (VPN), droppers and of course botnets, have made it easier, faster and a lot cheaper for hackers all around the world to get inside, and very difficult for whitehats to see them in time and defend the systems.
The Industrial Revolution reshaped transportation as well. The advent of steam engines resulted in more accurate and effective ways to transport all the raw materials and goods. Today, infrastructures and networks, including personal and mobile devices (iPhone, smartphones, etc.), cloud computing, WiFi, 3G/4G and Bluetooth, provide new and efficient ways to transport viruses, malware and trojans and to conduct attacks. Just as transportation connected the world and made things faster, technology did the same thing. The super hacker team can be found in any country and their targets are all around the world. In fact, it seems pretty hard to control who and what has access to corporate networks.
The telegraph opened up communication as never before and shaped the war. Today, mobile devices enable anytime/anywhere connections. Social media, mobile apps, web sites and all the web-enabled applications create new ways for businesses and individuals to connect. But they have also exposed people and organizations to new security threats. Your birthdate, name and even your address are now publicly accessible, and through social engineering, hackers dupe users into sharing sensitive data.
The organized exchange of exploits is growing in strength and is lucrative. The most important exchange used to be the notoriety that came with discovering a new vulnerability exploit, but now there are financial incentives to be the only one who knows.
We need to reverse the game and stay ahead of hackers with specialized security technologies designed to combat the latest threats. In today’s economic reality, businesses need to stay mindful of resource and budget constraints.
Tomorrow, businesses will need to focus on advanced malware and targeted attacks, which are the most damaging these days. Protections must be fully AI-based and capable of continuous updates, able to take action to stop the attack and counter the villains. The main capabilities should be malware detection and retrospective remediation (the ability to alert the user and to quarantine files that were previously thought to be safe but are now, according to the latest threat information, identified as malicious).
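Retrospective remediation as described above, sketched as an added example (not code from the original post or from any product): files are remembered by hash when first seen, and every threat-feed update re-judges that history. The class and method names are hypothetical, the file contents and paths are constructed samples, and "quarantine" is only recorded rather than performed.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass
class FileRecord:
    path: str
    sha256: str
    disposition: str  # verdict at the time the file was last judged

@dataclass
class RetrospectiveScanner:  # hypothetical name, illustration only
    known_bad: set = field(default_factory=set)
    seen: dict = field(default_factory=dict)   # sha256 -> [FileRecord, ...]
    quarantined: list = field(default_factory=list)
    alerts: list = field(default_factory=list)

    def observe(self, path: str, content: bytes) -> FileRecord:
        """Record a file when it is first seen and judge it with current intel."""
        digest = hashlib.sha256(content).hexdigest()
        verdict = "malicious" if digest in self.known_bad else "clean"
        rec = FileRecord(path, digest, verdict)
        self.seen.setdefault(digest, []).append(rec)
        if verdict == "malicious":
            self._quarantine(rec, "blocked on arrival")
        return rec

    def update_intel(self, new_bad_hashes) -> list:
        """Apply a threat-feed update and re-judge every file already seen."""
        changed = []
        for digest in set(new_bad_hashes) - self.known_bad:
            self.known_bad.add(digest)
            for rec in self.seen.get(digest, []):
                if rec.disposition == "clean":  # previously thought safe
                    rec.disposition = "malicious"
                    self._quarantine(rec, "retrospective: verdict changed")
                    changed.append(rec)
        return changed

    def _quarantine(self, rec: FileRecord, reason: str) -> None:
        # A real agent would move or lock the file; here we only record it.
        self.quarantined.append(rec.path)
        self.alerts.append(f"ALERT {rec.path} sha256={rec.sha256[:12]} {reason}")

def demo() -> RetrospectiveScanner:
    s = RetrospectiveScanner()
    s.observe("/home/alice/invoice.pdf", b"constructed sample A")
    s.observe("/home/bob/invoice-copy.pdf", b"constructed sample A")
    s.observe("/home/bob/notes.txt", b"constructed sample B")
    s.update_intel([hashlib.sha256(b"constructed sample A").hexdigest()])
    return s
```

Keeping the per-hash history is what makes the later verdict change actionable: without it, new threat information can only block future arrivals of the file.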
Thanks to Marc who helped me summarize things