Advanced Persistent Threat: a new cyber attack eco system emerging

This article was originally published on Technology.Info.
As part of our continuing strategy for growth, ITProPortal has joined forces with Technology.Info to help us bring you the very best coverage we possibly can.

Uri Rivner is VP Business Development & Cyber Strategy at Israeli start-up BioCatch.His

Keynote at Cyber Security Expo

focuses on Advanced Persistent Threats (APT).

1 How worried should CISOs and CEOs be about the threat from

Advanced Persistent Threats

(APT)?

Obviously you should ask the CEOs, but advanced persistent threats have become mainstream. Three to four years ago, it was a novelty - not any more. If you care about your intellectual property, you’ve got to take this threat seriously.

Then there's theserious impact on the bottom line, the cost of these attacks. And the damage to the reputation of your business, the loss of trust among customers and partners. And of course, you may not even be the final target, merely a stepping stone to a bigger targetand the legal implications of that. This is the reality, and the starting point of this discussion

2 By focusing on

Advanced Persistent Threats

, are we in danger of missing more threats from more conventional sources?

We are still spending around £70bn every year on something that doesn’t work. Paying for IPS, IDS, web filtering and antivirus - the traditional basics of security. This cannot continue, security is not working. I don’t want to pay that much for a commodity. So there'sno danger of missing old threats because you have that covered - but the new threats are much more serious and insidious, and

conventional defences

cannot cope.

These are

Advanced Persistent Threats

, hacktivism and cyber crime with criminals now working right inside corporations. Three years ago, criminals were just after employees money by hijacking online bankingsessions.Now they're after the business itself with APTs used to steal data and IP.

We need security that will perform detection, investigation and resilience. In other words, cyber-intelligence.

3 In your experience is the APT problem getting worse? Without giving away too much of your talk what new techniques are the bad guys using?

There is evidence that there is a blurring of lines between

cyber criminals

, hacktivists and state actors - all assisting each other to their respective goals. And many more nations are now involved, it's not just China anymore. The actors have become very adaptive and cunning, and as I mentioned, attacking new vectors such as the supply chain. We are seeing almost the emergence of a attack ecosystem, where it is difficult to identify who is who. A kind of merging of attackers.

4 Tell us a little bit about your new company BioCatch.

If you recall the famous scene in

Blade Runner

when a replicant is being interrogated to see if he is human or not. Our technology does something similar with cognitive science. At the core of the technology lies a unique, mechanism we call Invisible Challenges.This mechanism is responsible for the interaction of the user with the application, so whenever a user interacts with an application, a subtle dynamic cognitive challenge is injected and the user responds without being aware to the fact it was there.

Each user reacts differently and has a unique Cognitive Signature. If a deviation from the regular behavioral profile is spotted at any point during a session, BioCatch immediately senses foul play and sends out an alert of a possible threat. The best thing is, it works!

We are in talks with top banks in the UK, Spain and Italy and a major

public cloud provider.

5 What are you lookingto get out of Cyber Security Expo 2014?

In the banking sector not about just stopping fraud anymore. It's about the fraud, friction and functionality conundrum. To defeat fraud you add more security which adds friction and a loss of functionality. But we need to reduce friction to boost functionality, ideally.

So I’d like to talk to visitors from other industries at Cyber Security Expo to see if they have the same problem in their organisations. For example, are they under pressure to increase functionality through

BYOD

and Instant Access etc, but are they managing thiswithout increasing friction? I’d like to find out.

6 What are you hoping for in the year ahead in terms of security?

Look, there’s always going to be more fraud. I want to see how people move beyond that, are you stopping business or enabling business? How do we make it so that the business still operates. You have to find clever ways of increasing security without hindering the business.

Jo

in UrionWednesday09thOctober, 13:40 - 14:10,in the

Cyber Security EXPO

Keynote Theatre.

Topics