In your view, how have security threats evolved over the past three years?
Threats have changed significant over the past few years, in particular in their ability to hide themselves from the end-user and even security tools and the amount of damage that can be caused. Recent years and attacks have seen new actors and motivations evolved. Cyber espionage attacks have increased in frequencies, as long-term and new players stealthily gather information and find new ways to steal money. McAfee Labs also predicts that small nation states and foreign terror groups will take to cyberspace to conduct warfare against their enemies.
In recent times, the technical barriers to engaging in malware development to carry out cyber attacks have significantly reduced. The Cybercrime-as-a-Service or 'pay-to-prey' marketplace of target researchers, threat developers, attack managers, and infrastructure providers makes it very simple for an attacker.
Recent advancements in technology such as moving to the cloud and Internet of Things devices have also presented new surfaces for attackers to target. For example, on the cloud, users' data is usually simply a password away. IoT devices, such as Internet-connected security cameras can be easily breached.
With each report of security breach, we learn that the level of threat has become even more sophisticated. Why do cybercriminals seem to be able to stay a step ahead despite deployment of increasingly more sophisticated security measures? Where is the motivation to break the security coming from? Who stand to benefit?
Data that cyber criminals are extracting are now worth more than before. For example, the data on healthcare IoT devices in hospitals is even more valuable than credit card data because stolen health credentials can go for $10 each, which is about 10 to 20 times the value of a U.S. credit card number, according to Reuters. While the typical cyber criminal is motivated by money, we can also expect small nation states and foreign terror groups who will exploit the loopholes in cyberspace to collect intelligence that they can either sell or use at a later date against their enemies.
The rate of cyber criminals becoming increasingly sophisticated with their attacks, exceeds the maturity of solutions and measures organisations and users are putting to use.
The weak link has almost always been associated with users who didn't play it safe, so to speak. Why can't we implement a water-tight security system?
It's certainly a sobering thought that one of the weakest links in enterprise security is the users. There is nothing new about criminals targeting human carelessness, but we've never seen the use of phishing and spearphishing wreak such havoc, at scale, upon governments, retailers, banks, and other organisations.
Sign up for Computerworld eNewsletters.