100 weeks ago we had an idea to do a weekly security blog and, using every sinew of our imaginations, to call it Threat of The Week. It was designed to be an informative, relevant, accessible and entertaining advisory about the hot security topic of the week, every week. No pressure.
Well somehow we have managed to do a hundred of them, picking up more readers than we have lost, getting some really nice feedback whilst trying to put some perspective on the overwhelming wall of Fear, Uncertainty and Doubt that seems to permeate our industry like a bad smell.
Just this week, Cisco Systems released their annual security report and reported that only 1 percent of announced vulnerabilities were exploited. A true fact, taken totally out of context by the security media, some of whom left it until deep into their articles to acknowledge the sage advice that supported the fact:
‘Go to the security experts to see which vulnerabilities are getting exploited … prioritise patching on CVEs those that are actively exploited’
We knew for a long time before we started writing Threat of The Week, and some time after some of us even spent countless hours poring over BSD Unix code looking for coding errors which would grant us escalated privilege, that the glory days of hacking for hacking’s sake were more or less over.
Maybe Mr Mitnick (blessed be his name, burnt offerings, that big boy over there said it) started it with Toll Fraud, now enjoying a comeback with SIP trunk abuse, or perhaps it was blackmailing financial institutions through SWIFT or other credential fraud, but hacking quickly became monetised and who will pay you more for your 0 day, Bill (may his name be praised)’s people, Larry (exaltations)’s people, the other Larry (FOR IT IS HE)’s people or even Mark’s apostles? None of them.
Let me introduce you to jakob3749, buying your 0 day and using a highly organised technological and human operation to monetise it. Totally anonymously, via the dark web. Who thinks that the people running CryptoLocker are the people who found the DLL exploit? That the people who wrote the Zeus man-in-the-middle credential theft package are operating it? Nobody in their right mind.
With the exception of Nation State activity, and we have seen some of that in action and tried to tell people about it only to be laughed at (until Mr Snowden’s revelations years later), the biggest problem that our customers, the enterprise and the individual face today is criminal. Theft, extortion, blackmail. Increasingly organised, increasingly ruthless and ultimately inevitable.
We will continue to advise our customers on how to make things hard for the bad guys, how to detect malicious activity and how to reduce risk to key assets. We will try to keep our next 100 Threats of The Week topical, selective and relevant in this fight against what can only be described as organised crime.
In the meantime, our mantra for 2015 is to expect the worst, identify the assets, systems and processes key to your business, protect them like the gold that they are, including proactively monitoring threats, but above all, work out what might go wrong, plan for it, test your plan, refresh your plan, test it again. This is not a reactive world. In fact we are taking this so seriously that we are running an event devoted to Threat Intelligence, Monitoring and Planning at The Churchill War Rooms. There may still be time to register; it’s free and promises to be most informative: Register here.
Thanks for your continued support.
If you would like to talk about these or any other information security issues, contact us on: 020 7517 3900.
ITC’s Threat of the Week 2015 Predictions has been a pivotal way for us to prepare our readers for the inevitability of what we are likely to experience in the next year in security. We have produced this White Paper as a round-up of last year’s Threats of the Week, as we hope it will help show our commitment to changing perceptions on the importance of Information Security. We hope you will find it interesting and informative. Download yours here!