The Evolution of Cybersecurity: Adapt or Die
Cyber attacks have become so prolific that it’s not uncommon to hear mention of an impending cyber war. President Obama has even declared the rising number of cyber attacks a national emergency. The interesting thing is that hacking has been around since the early 20th century, and yet it has only become a major concern for some businesses now. This is largely because today’s cyberattacks are far more sophisticated and the damage too costly to ignore. The reality is that to survive, businesses need a new way of thinking about cybersecurity.
To really get a sense of where we’re headed, a clear understanding of how cybercrime has evolved over the years is essential. Such a perspective highlights the need for a new approach to cybersecurity, and emphasizes the fact that unless something changes, the future looks grim. It also makes it abundantly clear that now more than ever we need to invest in more than anti-virus and anti-malware software. We need protection which goes beyond the perimeter.
The early days
There is nothing new about cybercrime. For as long as the Internet has existed, criminals, pranksters and troublemakers have tried to exploit it. Interestingly, there are examples of hacking even before the advent of the personal computer. The best example of this is phone phreaking, where computerized phone systems were manipulated to make free phone calls. One of the most notorious phone phreaks, John Draper, became known as Captain Crunch after discovering in 1972 that the sounds made using the plastic whistle found in Captain Crunch cereal could be used to hack AT&T’s phone network.
But these activities quickly developed from harmless pranks into more malicious cyberattacks. The 1980s saw a number of black-hat hackers commit the unthinkable, from hacking into NASA computers to compromising top secret FBI databases. One hacker in particular who stands out from this period is Kevin Mitnick. His hacking career started off harmlessly enough and involved mostly phone phreaking. By the late 90s, however, he was one of the most wanted hackers in the U.S. In 1995 he was arrested for a number of offenses including hacking Sun Microsystems, Digital Equipment Corporation, Motorola and Nokia among others. Mitnick’s cyber attacks marked a turning point for the cybersecurity industry, and were one of the first indicators of just how vulnerable security systems were.
The 1990s also saw the rise of never-before-seen viruses, which sparked a need for comprehensive virus protection software. Of particular note was the ILOVEYOU virus, which was spread via email with the subject “I Love You”. The email included a malicious attachment which, once opened, destroyed all image and music files stored on the computer. The email also automatically forwarded itself to all email contacts on the newly infected machine. This virus is estimated to have cost $5.5-8.7 billion in damage and an additional $15 billion to remove.
In 1988 the Internet was hit by the Morris worm. The worm wasn’t malicious and, besides slowing down a computer, wasn’t harmful. However, by exploiting vulnerabilities, the worm was able to replicate and spread rapidly, bringing many computers to a standstill. While it is estimated that this worm caused between $10 million and $100 million in damage, the worm was nothing more than an experiment. In fact, it’s believed that Robert T Morris, the creator, released the worm in an attempt to see how big the Internet was. We certainly have come a long way since then.
The nature of modern cyber attacks
Cyber attacks now occur far more frequently, and the repercussions are often crippling, with some estimates suggesting that cyber attacks cost businesses $400 billion every year. But it’s more than the frequency or financial implications that are cause for concern. Increasingly, cyberattacks are politically motivated with groups like Anonymous relying on distributed denial-of-service (DDoS) to bring down government, religious and corporate websites they disagree with.
Anonymous may be the most well-known group of political hacktivists, but they are by no means the only one. Groups like the Middle East Cyber Army and AnonGhost also use hacking, defacements and DDoS attacks as a form of political protest. Earlier this year, a group claiming to be affiliated with the Islamic State hacked the social media accounts, including Twitter and YouTube, of the U.S. military’s Central Command. The group used the account to post Islamic State propaganda and other threatening messages.
Cyberattacks are also no longer limited to a company’s website. After all, most companies have an extensive online footprint that extends to their social media profiles, blog and website. These online assets, while useful for branding, have vulnerabilities that can easily be exploited by hackers. In 2013, for example, the Syrian Electronic Army hacked the New York Times website and Twitter feed using sophisticated phishing techniques. These kinds of attacks are becoming increasingly common. A few months ago a similar attack was carried out on Tesla, where once again the company’s website and Twitter feed were hijacked.
Company blogs are also vulnerable and open to attack. This is because many of these blogs, around 142 million according to a recent report, are running outdated versions of WordPress and old plugins, making them particularly vulnerable to attack. The problem is not limited to WordPress, which means that countless blogs and websites could be at risk. This is a very real threat, and the effects cannot be ignored. For example, in the aftermath of the Charlie Hebdo shooting an estimated 19,000 French websites were hacked by Islamist hackers who successfully exploited CMS weaknesses.
DNS hijacking is another thing businesses need to worry about. This is an attack on a website’s Domain Name System (DNS) records, in which the domain name records are modified so that the domain redirects to a different website. Many companies have been attacked in this way recently. In February, for example, Lenovo and Google’s Vietnam domain were hijacked in a DNS attack. In this attack, Google.com.vn was redirected to a website which read: “Hacked by Lizard Squad, greetz from antichrist, Brian Krebs, sp3c, Komodo, ryan, HTP & Rory Andrew Godfrey (holding it down in Texas).” While the Lenovo attack was similar in nature, it was more serious. In addition to redirecting the company website, attackers changed mail server records, which enabled them to intercept emails sent to Lenovo. The attackers then published two of these emails.
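A defender-side check for the record changes described above, as an added example that is not part of the original article: it compares a snapshot of a domain's NS, A and MX records with a pinned baseline and reports any drift. The domain, addresses and both record sets are constructed; in practice the snapshot would come from querying the domain's authoritative servers on a schedule.

```python
"""DNS record drift check against a pinned baseline (added example)."""

# Constructed baseline: the records the domain owner expects (documentation names/IPs).
BASELINE = {
    "example.com": {
        "NS": ["ns1.dns-host.example.", "ns2.dns-host.example."],
        "A": ["192.0.2.10"],
        "MX": ["10 mail.example.com."],
    },
}

# Constructed snapshot as it might look after a hijack:
# delegation, web address and mail exchanger all point elsewhere.
OBSERVED = {
    "example.com": {
        "NS": ["NS1.Rogue-DNS.example", "ns2.rogue-dns.example."],
        "A": ["203.0.113.66"],
        "MX": ["10 mx.rogue-dns.example."],
    },
}

# NS and MX drift rank highest: NS controls every other record, MX controls mail flow.
SEVERITY = {"NS": "critical", "MX": "critical", "A": "high"}


def normalize(rtype, value):
    """Lower-case and give hostnames a trailing dot so equal records compare equal."""
    value = value.strip().lower()
    if rtype in ("NS", "MX") and not value.endswith("."):
        value += "."
    return value


def find_drift(baseline, observed):
    """Return sorted (severity, domain, rtype, unexpected, missing) findings."""
    findings = []
    for domain, expected in baseline.items():
        seen = observed.get(domain, {})
        for rtype, values in expected.items():
            want = {normalize(rtype, v) for v in values}
            got = {normalize(rtype, v) for v in seen.get(rtype, [])}
            if want != got:
                findings.append((SEVERITY.get(rtype, "medium"), domain, rtype,
                                 sorted(got - want), sorted(want - got)))
    return sorted(findings)


if __name__ == "__main__":
    for sev, domain, rtype, unexpected, missing in find_drift(BASELINE, OBSERVED):
        print(f"[{sev}] {domain} {rtype}: unexpected={unexpected} missing={missing}")
```

A changed MX record is reported separately from a changed A record because, as in the Lenovo case, mail can be rerouted even when the website itself looks normal.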
Cybersecurity has to adapt
In response to the ever-changing nature of cyber attacks, cybersecurity has also had to evolve. Malware, spyware and viruses are now the least of a company’s worries. Businesses need a far more intelligent solution which is able to respond to threats in real time. There is also a need to secure more than simply a company’s website.
For cybersecurity to be effective it needs to adapt to the challenges posed by a growing digital footprint. What’s needed is an all-encompassing approach which covers everything from a company’s social media profiles to their company blog.
Cybersecurity in its current form is outdated, ineffective and incapable of providing the level of protection needed. Businesses have little choice but to get smart about cybersecurity. After all, those that fail to adapt are likely to fall prey to a malicious attack. That’s where a solution like Cyberint comes in. This includes targeted cyber intelligence and comprehensive online asset protection that goes beyond the perimeter.