“Customers are looking for a magical button to stop all these threats,” he said. Businesses will then buy the tools and assume they’re safe, when in reality the tools aren’t being used properly.
For example, many businesses fail to install security patches for their IT products -- including the antivirus software -- exposing them to hacks that otherwise could have been prevented. They may also ignore the warnings that pop up from security software, believing them to be false positives. Or they’ll even forget to turn the software on.
However, in other cases, the businesses had limited expertise on staff to deal with the cyberthreats the security tools encountered.
“If you buy the tools without hiring the right people, you are not going to solve your nation-state hacking problem,” Firstbrook said.
The need for vigilance
Businesses and institutions struggling to recruit security talent can consider outsourcing that role to a company like Dell SecureWorks. It is among the vendors that can step in and manage or consult on an organization’s IT security.
Phil Burdette, a researcher with the company, noted that foreign government hackers aren’t necessarily using state-of-the-art hacking techniques. Russian cyberspies, for instance, keep resorting to sending phishing emails as a way to steal a user’s password login information.
“There’s always a lot of emphasis on zero-day exploits and the attackers using the most sophisticated methods,” he said. But in reality, state-sponsored hackers tend to “use the path of least resistance.”
To prevent data breaches, users and businesses should consider implementing two-factor authentication for their email accounts and online services, Burdette said. That way, the hackers can’t break in with only a stolen password.
He also recommends that organizations partner with specialists who routinely investigate state-sponsored hackers. Oftentimes, a business with less cybersecurity experience will assume it has foiled an attack only to realize the hackers were just getting started.
He also warned that no organization should assume it hasn’t already been attacked. Security researchers are continually finding new evidence to suggest state-sponsored hackers were successful years before their intrusions were spotted -- the initial attack simply went undetected.
“We are getting better at learning how bad we are losing,” Burdette said.