Theft, Vandalism Or Blackmail
A neighbour recently turned up on my doorstep close to tears. In her shaken state it was clear that something serious had happened. On reflection my first thoughts were to the scale of a family bereavement. It transpired that she had spent the last hour on the phone with a person she had responded to through a pop up on her personal computer. You know the ones where it says that your computer has been seriously compromised and that you need to call this number to fix the problem, at a cost of course. I need to point out that my neighbour is not computer illiterate and is an intelligent woman. She had started moving and deleting files under his direction that would no doubt grant access for the perpetrator and/or cause the issue that he was stating existed. What grabbed me was not how stupid my neighbour was, but more that the person on the other end of the phone had clearly tapped into her deeper fears. The fear of loss or damage to what she believes as a very important part of her life, resulting in her capitulation.
She was very close to reaching for her credit card and paying £150 to this person. Thankfully she stopped just short of that, however she was not convinced of her resolve. I sat and waited for the guy to call back as he promised and we had a short informed chat. I then spent thirty minutes locking her computer back down. On explaining the truth to my neighbour her reaction was embarrassment, stating she could not tell anyone for fear of ridicule. I did smile to myself at how clever the attack was. This was not just covert, it as was an intelligent psychological attack, targeting the soft underbelly, the fear of loss. It almost worked in this case, I have no doubt it is very lucrative.
At the root of the cyber defence rhetoric is the fear factor associated with loss of the corporate assets or plain vandalism. Obvious of course, although lost in the story is the psychological dynamic of the attacker, the victim, and what the drivers are behind their activity. As a result of vandalism, or reward, how can organisations protect valuable assets from the range of attackers?
It is no coincidence that bodies of experts create compliance standards like ISO27001, and now NIST in the US. These standards can form part of a defence culture along with education and a strong security infrastructure policy. The part of the jigsaw that is often overlooked is recovery. What is the extent of the compromise is the attack malicious, or financially driven. What is my recovery plan!
The intelligent attacker will gain access to the corporate systems and may roost over a period of time creating multiple layers of activity to compromise corporate assets. Alarming trends will put blackmail and malicious disruption of data high on the defence agenda. It is clear that to achieve an intelligent defence approach is critical to understanding the attacker, his motives and his toolkit. Moreover that the attacker understands how to exploit all weaknesses, including those things that tap into our base instincts, defence must address the same.
It is time to take the fight to the hacker; the days of sitting behind a firewall and hoping that everything is locked down are long gone. Defence does not end at the internal interface of firewall it is in the actions and policies of every member of the organisation, the customers and suppliers alike. Particularly how everyone perceive the threats and just as importantly how everyone responds and the recovers from an attack.
Intelligence + Compliance + Continuity = Resilience
WayneJolly