Remember file cabinets? Most businesses have auctioned them off or sent them home with employees. For many, paper is a thing of the past. An expansive communication network has collapsed a once-massive Earth into smartphones that fit into our pockets.
Cloud computing has made all information available wherever our travels take us. We communicate at near the speed of thought, share ideas with only a few keystrokes, and manage global business and financial transactions without leaving our living rooms. In a few short years, the stroke of a pen over paper will become a luxury reserved for those with the most antiquated of sensibilities.
Our abandonment of file cabinets filled with manila folders and reams of paper have forced criminals, spies and attackers to evolve. Ransoming, stealing and disrupting information requires a new approach that doors, locks and security cameras cannot defend. As we push every waking thought (and most of our dreams) to the cloud, physical security investment will be left in the dumpster beside rusty file cabinets. Cybersecurity is the new sheriff in town.
I stand in front of crowds on a weekly basis and explain why there are no hackers, there are only spies. When we picture the Hollywood version of the hacker – that hoodie-wearing kid in a dark basement tapping away at a keyboard – we downplay the very present threat that spies, sophisticated criminal groups, and next-generation terrorists pose to our security, safety, and democracy. Hackers are a nostalgic thing of the past. Cyber attackers are the new normal.
Breaches are often well planned, carefully executed and often backed by expansive funding, dark web distribution networks, and foreign intelligence agencies. Attackers hit us where we are at our weakest; our cyber-Achilles heel. While the West invested in military dominance and force projection, our rivals sent their kids to computer classes and developed cyberattacks. Russia never forgot the Cold War, they simply brought it to the digital level. China farms intellectual property from the United States. North Korea continually presses greedy fingers into our financial sector. Dozens of minor players follow the example of the Big Three.
We’ve made it easy for the attacker. The West is obsessed with email.
Email is impersonal. Traditional accounts do not verify the sender, and most email communications are unencrypted. Small wonder that spies and attackers use this most common form of communication as their espionage playground. Phishing attacks have led to some of the largest breaches of security. We have made ransomware a global pandemic because society can’t stop clicking links and opening malicious attachments. When information is stolen, organisations like WikiLeaks – the fast food of spying – gleefully display our most private information for public scrutiny. Our desperate need to communicate every thought at an instant have chummed the waters of a cyber feeding frenzy.
To defeat the threat, cybersecurity must outpace the attacker. We need to hunt the threat before the threat can hunt us. Remember those old hackers? They now work for the top cybersecurity companies, hanging up black hats for white hats to think like the attackers instead of reacting to breaches in process. Endpoint security has driven defence to the technology portals closest to the human beings that attacks will trick into granting access. Training a person not to click or open an attachment is not enough. Humans will always make mistakes. By turning each endpoint into the most secure room in cyberspace, we can prevent breaches. By collaborating across a vast network of endpoints that leverage a secure cloud, we may be able to prevent all of them.
Cybersecurity is the most necessary partner to progress. No one wants to go back to file cabinets.
By Eric O’Neill, Nation Security Strategist, Carbon Black