There’s no question that for some, 2014 was
a year they would prefer not to have repeated. When it comes to “cyber attacks”
(I use cyber loosely here..) the year was full of breaches of companies,
credit-card data and lest we not forget Sony® and their unfortunate chain of
events.
It was also a year that has brought back an
old adage that countries hire teams of hackers to perform attacks against their
perceived online enemies. Be those other countries, or companies within those
countries. The year 2015 is going to be a year filled with more of these
attacks. Attacks that originate-from and are on behalf-of countries or lands,
against other countries or lands. (referred to as state-sponsored) Whether
directly or indirectly sponsored by these lands.
While military prowess and the displays of
such have always been used to show a country’s strength, we see more countries
relying on a “cyber army” to do this for them. Granted, a lot of what we see is
often hyped-up and sensationalized. For example in 2014, a news outlet referred
to an Islamic hacking group as “firing cyber missiles at our country”.
Too much TV perhaps? The hacking we see in
Hollywood is often greatly exagerrated and with good reason – it is targetting
an audience who are interested in what is happening, and the outcome – rather
than the “how”. But in the real world, we know the how. And it’s far less
“pretty”.
Thrown into an existing mix of criminals,
extemeists and “general hackers”, we potentially now also have state-sponsored
entities. The combined existence of all of these form a composite attack landscape
on the Internet that can scare anyone. Combined with advanced techniques in
malware and the distribution of such, we know that 2015 is going to be a year
where it will be imperative for corporates, government and end-users to know
how they are vulnerable, why, and what they can do about it.
Failure to learn from our mistakes in 2014
is going to result in William Penn’s quote above becoming fact. We cannot waste
the time we are given to research, to invest in security, and to assess our
security.
The mindset of “No one will target me” is
akin to driving your automobile without brakes because no one will stop in
front of you. It will end badly, and with
a lot of damage. Let’s make 2015 a year with increased security conscientiousness
and decreased news reports of huge breaches and loss of customer data.
Its up to us to use our time wisely this
year, because we won’t get it back.
Telspace Systems trust your 2015 will be a
successful one. We are excited to announce more of our internal, invite only conferences,
including international speakers, and we will continue to find and share our
0-Day findings and other important research information with you.
No comments:
Post a Comment