Welcome
About
News
Anonymous Reporting
Tools
MCA Chatter
Library
V-ID Terminal
Support
My Account

News

Icon representing US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels
US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels

June 21st 2019
Icon representing Would you pay $1m for a laptop full of malware?
Would you pay $1m for a laptop full of malware?

May 23rd 2019
Icon representing Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)
Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)

May 22nd 2019
 
 
 

How learning from hackers can protect us from cyber attacks

 
November 22nd 2018
Cyber criminals are often ahead of the cyber security industry when it comes to finding the right skills. That has to change.
To protect against cyber attacks, defenders need to take a page out of the book of the criminals and become as agile and innovative as the groups they're trying to protect against, according to a former head of GCHQ.

While serving as director general of GCHQ from 2014 to 2017, Robert Hannigan was at the heart of protecting the UK from a variety of threats -- including those posed by malicious hackers.

And when it comes to cyber defence, he told a London audience of security professionals they can actually look at how hackers operate and apply some of the tactics they use to help improve security.

"I've spent a lot of time looking at these groups, looking at the new and ever more sophisticated attacks that they're developing -- we have quite a lot to learn from these groups," said Hannigan, speaking at a security event hosted by Immersive Labs.

For cyber criminal groups and underground communities on the dark web, speed is key to running a successful operation -- especially when it comes to the use of zero-days and other advanced attacks where there can sometimes be just a short delay between their discovery, and software vendors being able to release security patches.

"It's all about, can they get there quickly enough, hoover up enough cash to make it worthwhile before the security industry finally catch up with them. So agility and innovation and creativity are really key for them and what they prize above everything else," said Hannigan, who sits on Immersive Labs' advisory board.

While many businesses still look at university education and qualifications as an indicator of whether someone is suitable for a cyber security role, this doesn't apply on the Dark Web -- here all individuals require to get involved in cyber crime is the skills to do the job; they don't need to produce the relevant paperwork to showcase what they can do.

"They've cracked the skills problem in their own way. They don't worry about qualifications, they don't ask for 2:1s in computer science or anything else for that matter," said Hannigan.

"They're interested in whether you can do a particular job and they can pull in those skills from around the internet in a classic criminal gig-economy sort of way. They're ahead of us on that".

The former GHCQ boss drew on an example seen on an underground forum where various dark web operators were discussing how to improve a form of ransomware.

"They're constantly thinking of new ways of doing it," he explained, and argued that security professionals should take the same approach in order to better protect systems and services from attackers.

"There's a challenge for us in industry to be a bit more agile, a bit more like cyber crime groups -- although we do have to worry about the law, of course," he said.

Source

Keywords