Hacking: The Necessary Evolution of Espionage - Part 3

Things you can do to avoid becoming the next victim of cybercrime

Author:
Eric O'Neil
National Security Strategist at VMWare Carbon Black, Bestselling Author, Former FBI
Twitter: @eoneill

The number one, top ransomware attack in 2021, happened July 2nd while we were all getting ready for the 4th of July. A private global IT company was hit. It was a lot like that original December 2020 attack, but here it's a global cybercrime group learning from the spies. And they copied that intelligence service attack in 2020. They used a zero-day, which means it's a brand new vulnerability nobody knew about, to compromise the IT company software and inject malware that then went to all their customers. And here's, what's neat about this. The company identified it and immediately patched it, but some of the customers were hit, and the bad guys were asking for $70 million dollars for a universal key: pay us that money and we'll decrypt everybody at once.

So the criminals are learning from the spies, and it's created a huge global system of cybercrime. And the spies are always out there doing their work as well. And why is it happening? Because of this pandemic. The threats are higher in 2021. While we're all still working from home across most of the country, often using all sorts of devices that were never built for security.

This global cybercrime network is coming after us and they've completely up their game. And hopefully so have you.

And here's the last stat I'm going to give you: according to the world economic forum, the Dark Web is now the third-largest economy on Earth. Now the dark web doesn't really exist. They don't have brick-and-mortar stores. There isn't some sort of criminal underground, where these bad guys all get together. It's completely in cyberspace. You need to know how to use a particular kind of web browser, and know exactly where to go; and then you can get into this pirate black market for all sorts of crazy things, including custom-made malicious software that can be used for cyber attacks. And the bad guys are doing it.

So think of that: the third-largest economy on Earth. It goes like this, 1) the United States 2) China 3) the Dark web; which doesn't have a country, doesn't have borders, doesn't have a flag, doesn't even exist, but is now growing to the third-largest economy on Earth.

So what can you do?

1. You need to think about Identity Management and Zero Trust. You want to make sure that all users that are accessing your information, human and machine, authenticate and are verified, prior to accessing that data that has become the currency of our lives.
2. You want to engage in Endpoint Security. This means that you're putting your security on every single device that a human is using because the bad guys are coming after the human. You want to make sure that that human who's going to click on that link or open that attachment (and 23% of people who receive those kinds of emails, do it), is not going to make that horrible mistake.
3. Access Management. Make sure you segment your network. Make sure that anyone accessing your data can't get everything. If they attack one person and get their username and password and turn them into what I call a virtual trusted insider, make sure that all they can get is that data, that person has access to, and not everything.
4. And finally, harden your systems. Don't rely on passwords. Passwords are terrible. Passwords are useless. Everybody uses the same password for all their accounts. Somebody has lost that username and password and it's for sale on the Dark Web. So don't just rely on strong passwords, rely on something else, like Multifactor Authentication or Single Sign-on or something more than just the password.

If 23% of people click on email links, that means that spearfishing is responsible for 25% of all breaches.
And we've got to beat that!