As a cybersecurity professional, you are the guardian of data, the gatekeeper, and the architect of defense. You live on the front lines of a digital battle against invisible enemies and advanced persistent threats.
It’s your job to find and protect against any possible vulnerability or weakness that could be exploited anywhere in your organization at any time—24/7/365.
Your enemy’s job is to find one weakness. Just one!
Your enemy will exploit your infrastructure, your people, and anyone connected to you in order to get what they want. And they are evolving. They are more organized and sophisticated. They have more digital weapons, more money, more technology, and more opportunity and desire.
The Chinese warrior general Sun Tzu wrote over 2000 years ago that, “The good fighters of old first put themselves beyond the possibility of defeat, and then waited for an opportunity of defeating the enemy.” Today, that same principle holds true.
As protectors of the digital realm, we must be like “the good fighters of old.” We must proactively prepare to negate the possibility of defeat, while building plans and strategies to defeat those that would do us harm or put us out of business. This is the life of the cybersecurity professional. It’s a job that never ends, never stops evolving, and never rests.
In order to proactively prepare, we must first take time to understand our enemy. Who is looking to breach our defenses? What are their motives? What is their level of education? What is their technical prowess?
Building a cracker or hacker profile is not an easy task. While there is a fair amount of discord about terminology when it comes to hackers and crackers, for the purpose of this blog we will refer to hackers as either good guys, bad guys, or somewhere in between. Just for the record, hackers who use their skills for self-gain and malicious or unlawful purposes should be referred to as crackers, while hackers may be good guys or something in the middle, depending on their moral compass.
Hackers and crackers fall into several categories.
The constant media image of Black Hat hackers lurking in the Dark Web, living in their mom and dad’s basement, wearing a hoodie and Chucks, smoking packs of cigarettes and drinking beer while digital characters float into space is the picture we have all been sold. In reality, this is far from the truth.
Today, the threat landscape is much more organized and dangerous. The past few years have proven that cybercriminal activity has a low threshold for prosecution and a high threshold for profit. Cybercriminal organizations are well financed, have business plans, employees, target goals, strategies, HR departments, and the latest technology. As they grow, they are adopting big business models offering franchises, reseller partnerships, customer service, collaboration tools, and training. Cybercriminals are also working together to form global criminal communities.
In an article published on ZDNet, Nathaniel Gleicher, head of cybersecurity strategy at Illumio®, explains: "You have people who are managing and distributing credit card information, people who are cracking bank accounts, people who are managing remote access toolkits, to people who specialize in social engineering. There are very specific skillsets."
But it's not just gangs of hackers anymore: the cybercriminal ecosystem has evolved to the extent that it supports roles you'd expect to find in any large business.
In the same article, Sian John, chief strategist for EMEA at Symantec®, adds: "Advanced cybercrime groups now mirror legitimate organizations in the way they operate, with networks of partners, associates, resellers, and vendors. Some groups even deploy call center operations to ensure maximum impact for their scamming efforts."
These trends suggest that hacking and cybercrime are no longer the domain of individuals seeking to make a nuisance of themselves. Cybercrime is now an industry involving major criminal groups, with ecosystems as well-structured as the corporations they're likely attempting to target. Organizations must therefore ensure their own defenses are up to fighting this threat.
As businesses seek to protect themselves from these threats, several key factors come into play:
In the end, vigilance is the key. As IT security professionals, we must remain on guard and be prepared at all times. We must understand the risk, the players, the strategies, tools, and code of conduct that malicious hackers seek to employ to do us harm. The old stereotype of a lone hacker sitting in the dark should not be your biggest concern. The truth is hackers may just look like your neighbors getting up and going to work. The question is, what color hat are they wearing?
Remember, if you are connected, you must be protected.
Rick Miller is COO and Partner of The Tek, an MSSP specializing in risk assessment, risk mitigation, protection, and education to SMBs. Rick is a long-term veteran in the IT industry. His success has been founded in propelling start-ups and turnarounds to success and profitability. His experience has helped to grow multiple companies from start-up to profitability.
© 2017 SolarWinds MSP UK Ltd. All rights reserved.