There’s no question that for some, 2014 was a year they would prefer not to have repeated. When it comes to “cyber attacks” (I use cyber loosely here..) the year was full of breaches of companies, credit-card data and lest we not forget Sony® and their unfortunate chain of events.
It was also a year that has brought back an old adage that countries hire teams of hackers to perform attacks against their perceived online enemies. Be those other countries, or companies within those countries. The year 2015 is going to be a year filled with more of these attacks. Attacks that originate-from and are on behalf-of countries or lands, against other countries or lands. (referred to as state-sponsored) Whether directly or indirectly sponsored by these lands.
While military prowess and the displays of such have always been used to show a country’s strength, we see more countries relying on a “cyber army” to do this for them. Granted, a lot of what we see is often hyped-up and sensationalized. For example in 2014, a news outlet referred to an Islamic hacking group as “firing cyber missiles at our country”.
Too much TV perhaps? The hacking we see in Hollywood is often greatly exagerrated and with good reason – it is targetting an audience who are interested in what is happening, and the outcome – rather than the “how”. But in the real world, we know the how. And it’s far less “pretty”.
Thrown into an existing mix of criminals, extemeists and “general hackers”, we potentially now also have state-sponsored entities. The combined existence of all of these form a composite attack landscape on the Internet that can scare anyone. Combined with advanced techniques in malware and the distribution of such, we know that 2015 is going to be a year where it will be imperative for corporates, government and end-users to know how they are vulnerable, why, and what they can do about it.
Failure to learn from our mistakes in 2014 is going to result in William Penn’s quote above becoming fact. We cannot waste the time we are given to research, to invest in security, and to assess our security.
The mindset of “No one will target me” is akin to driving your automobile without brakes because no one will stop in front of you. It will end badly, and with a lot of damage. Let’s make 2015 a year with increased security conscientiousness and decreased news reports of huge breaches and loss of customer data.
Its up to us to use our time wisely this year, because we won’t get it back.
Telspace Systems trust your 2015 will be a successful one. We are excited to announce more of our internal, invite only conferences, including international speakers, and we will continue to find and share our 0-Day findings and other important research information with you.