The silent cyber war has begun. Instead of battle lines being drawn in faraway lands, a silent war is being waged in cyber space every day. According to Dee Smith, CEO of Strategic Insight Group, we are in a new frontier in cyber warfare. This is not just geopolitically but between new sorts of actors, who have access to the weapons to hack and create real damage in the physical world. Smith says that the average American company is attacked 4 million times per year, or 7.6 times per minute. In the financial services arena, these institutions are attacked a billion times per year, or 1,920 times per minute. Finally, even the U.S. Post Office is under a constant barrage with more than 4 billion forays in 2016. Spilling over on the individual front, three CEOs I know were hit by ransom ware and were forced to pay in Bitcoin in order to get their data back. We are under assault and need to mobilize with strategies to prevent these penetrations, conduct forensic reviews when encountered, and provide for data recovery after we are violated. It is not a case of if, just when. The time to prepare is in the rear view mirror.
The threat vectors are growing from hacktivists who are politically motivated, to cyber criminals who are financially propelled, to nation states and terrorist cells constantly on the prowl. Eighty-two percent of hacks are conducted by hacktivists, but they are only one percent effective. Cyber criminals using tools like ransomware represent fifteen to seventeen percent of attacks, and they are twenty percent effective. Finally, nation states are responsible for less than two percent of attacks, but they are effective ninety-eight percent of the time. So how do we protect ourselves? What is our first layer of defense? At the individual level, common sense and personal responsibility are your guides. Always use licensed software which is being updated with regularity. Hackers expose vulnerabilities in operating systems so pirated software is at high risk. Check your software updates every day. For those who work at home, implement a personal firewall and keep your machines off when not in use. Keep your passwords complicated and create a mental model for regularity of change. This is a pain, but it will serve you well. At the enterprise level, there is Global Data Sentinel (GDS) which has a public and private encrypted key schema that protects corporate data and documents with a proprietary technology. If data is hacked, stolen or compromised, GDS can revoke the encryption key and the data cannot be accessed. GDS even allows companies to secure data at the file level from employees who may try to take corporate information. Whether using good common sense and hygiene relative to our personal data or leveraging a tool like GDS, individuals and companies need to be prepared through a strong dose of prevention.
When a breach does happen, an individual or a firm needs to have somebody to call. On the individual front, one needs to leverage tools like Lifelock or white labeled equivalents. At the corporate level, one needs individuals who do this for a living. Monitoring tools at the enterprise level need to be put in place to effectively prepare for a zero-day event. GDS has tools that allow monitoring inside the company, but also allows administrators and executives to determine exactly who is accessing data within the enterprise. SpearTip, headquartered in St. Louis, MO, provides cyber and counterintelligence services to companies from $100 million to one billion. A group steeped with military intelligence backgrounds, SpearTip provides security assessments, breach response and managed security monitoring. Whether responding to an immediate attack or placing monitoring agents within the enterprise, SpearTip can assist companies who desire to prepare for attack, who have recently been attacked, or who want continuous monitoring to prevent attack. Knowing who or what is attempting to steal or destroy your corporate data is critical to preventing catastrophe. If you don’t have forensic tools, it is difficult to recover and/or prevent these intrusions from happening. It is also impossible to prosecute bad actors in the judicial system without good evidence. Companies need partners who specialize in this type of work and SpearTip is a competent and vigilant firm.
The last line of defense is data recovery. It happened. Your data is gone and you cannot restore. Individuals should keep multiple backups ranging from tools like carbonite, to drop box and external hard drives for each of your PCs. These are all low-cost solutions when faced with the prospect of losing your data. I have one friend who has a Mac that is not connected to the internet so if his data is compromised he has a backup hard drive and a machine from which to boot. Don’t be afraid to keep hard copies of account and passwords physically secured offsite so loved ones can access your life, if necessary. I know people who print quarterly statements and lock them in a fireproof safe. At the enterprise level, companies should move well beyond their traditional backups. With many companies leveraging cloud services from Amazon Web Services or Microsoft Azure, it is easy to be misled into thinking they are covered. Think again. Companies should have multiple levels of backups including physical offsite storage. Global Data Vault leverages data backup infrastructure from Veeam and provides a comprehensive data recovery strategy, including offsite tape storage. With the phenomenon that catastrophic loss of operating systems and data is now a reality, companies need physical, non-networked solutions to balance out a data- recovery strategy. Global Data Vault should be an arrow in your cyber protection quiver.
We live in a brave new world. As technology advances continue to flatten the world and improve our lives, we must be increasingly vigilant. The book Zero Day, by Mark Russinovich, is a fictional tale of how bad actors can create havoc in the physical world of companies, airplanes, power grids and governments. Not too long ago, it took nation states to declare war on one another and destroy infrastructure by military means. Today, the war is in cyber space and the potential to damage our physical world is real. Great emphasis is being placed on anti-virus software, however, these tools are only made to prevent known threats. We know new techniques are being created, deployed and implemented with disastrous results. Imagine a day when your data is destroyed, your operating system inoperable and your business unable to function, invoice or pay vendors and employees. This day is called zero day and it is not fear mongering to warn you to prepare. Start with these three areas: prevention, forensics and recovery and you will be well ahead of the rest of the world. I have had the opportunity to spend time with the CEOs of Global Data Sentinel, SpearTip and Global Data Vault; their tools, techniques and people are first rate. The war has begun and we must prepare.
This is a reprint with permission from author John Humphrey, Principal X42 Ventures LLC.
John Humphrey is a principal at X42 Ventures. X42 Ventures works with mid-sized companies by providing digital strategies and technology platforms to speed the development of web, mobile and eCommerce solutions. www.x42ventures.com.
Global Data Sentinel empowers organizations to protect, share and manage their valuable data even after it leaves their possession. www.globaldatasentinel.com.
SpearTip is a Cyber Security and Counterintelligence Firm providing Incident Response, Penetration Testing and Managed Security Services. www.speartip.com.
Global Data Vault provides for all your DRaaS, cloud based Disaster Recovery and Veeam Cloud Connect and Veeam Replication needs. www.globaldatavault.com.