Hackers do not have an identity. They are sometimes politically driven, sometimes they are into espionage. And honestly the most dangerous group is the organized syndicate. Because they are highly motivated by monetizing the information. If you really think about the kind of work they used to do and get caught. Now they have sort of channeled their effort into cyber crime and then how often do they get caught? The danger is in the evolution of how organized crime is going to look like. This is a new avenue. And now let me kind of mess you up a bit. How will you know whether an hacker is working for s syndicate or a nation-state? They don’t put up pictures, they don’t carry a card. So it is indeed difficult as you can see how they could easily hide. So the traditional way of putting a picture of a criminal on a wall and then you say this the the criminal and you arrest him is not going to be that easy anymore. So the future has to intelligent driven. Instead of trying to figure out who are the bad guys, figure out who are the good guys. Then assume everybody as suspect.
I think we have seen too much investment in prevention space. There should be equal response in prevention, detection, and response.
The evolving world of cyber attack
At the end of the day what a threat does are two things. One, it tries to get something from you, And two, it tries to get into your environment without you knowing. This is exactly what cyber criminals are trying to do. One of the most effective and common method that we see that they deploy is called ‘spear phishing’. It suggests that it’s like taking a spear and going after a single phish. So think of phishing as a big net. A fisherman throws a big net and he does not know what is he going to catch. In spear phishing you look for the target and you hunt for it. So here we have a website that basically looks almost identical to a legitimate website. But you just change certain things. Like instead of entering a user id he has to enter ATM card and pin number. In the early days when internet banking was starting it was not a common knowledge to users to think that you should not be sharing ATM card and pin numbers over the internet. It is not normal to assume that a normal mobile phone user would actually think of the danger behind doing something like this when we are downloading an app. This just doesn’t occur to them.
The onslaught of hackers on RSA itself
RSA learned a lot. We learned so much that now we consider that incident the guru in terms of how customers can be prevented from getting into that same position. I think as an organization the first thing that we did correct was coming out very quickly and talk about the incident. Follow up ion what organizations should be doing to find the solution to this. Obviously looking back right now, it’s almost two and half years, those days I think there were lots of criticism happening centering this. But soon we saw that the years that followed many organizations were hit but not everyone came out as quick as we did. I think the first thing was we demonstrated that just like everyone else we were not perfect. We obviously had loopholes. But we definitely had the will to come up and say that we have our customer’s interest in mind. Because we wanted to make sure that we do not become the accessory to them in being compromised. And I think we were very confident right now that after two and half years to say that no one has actually been compromised because of our breach. There isn’t one. If there is one who did not come out I would be surprised. Even the closest company that suggested that we were …because of our breach that they got compromised did not lose any data. He became one of our largest customer.
The thing that I just earlier about spear phishing , that was the method how we were attacked. The adversaries today are very smart. Gone are the days where they used to sent you an email with promotion, or items or some crazy exotic news, just so that people would click on it. Now they create a emails that look exactly like a real one to hijack your account.
Role of Big Data in cyber attack
The attack surface has definitely grown tremendously. We used to have one laptop accessing the corporate network. But now we have tablets, phones, pads, and so many devices, doing almost the same thing. So many entry points have devastated the perimeter defense system that you had. The sheer number of devices, this is just the internet of things. So the attack surface is going to change tremendously. So mobility is a proponent of the increase in attack surface. Big Data will go beyond security devices, it is going to collect data from every single point your organization has and put further more context into the scene. Big Data will be another sauce. It will make the security do more analytics. Big Data is just not about security. It is everything. Where we come in is because we eat, sleep and drink security. We think about security everyday. So we take that sauce of which data and add on to what we already have. So you are going to see massive enhancement of how we can take of what Big Data does to us in terms of information that it collects and then collate that information with what we have. So in my opinion it is going to be an amazing journey.
Prevention is better than cure
Firstly, one got to know what one has and how critical these things are. Sometimes company does not what they possess and what you have got to protect. Secondly, you got to be able to classify them by criticality. Thirdly, how will you protect it. We believe in future you got to have analytic. If we can give a platform to the source of information, know its inception then problem will be greatly reduced. We need to share information. This will reduce anomaly to a great extent. So risk assessment, analytic, controls, information sharing are some of the models a company should look at when it comes to security.