Science fiction comes to life with predictive threat protection

The 2002 blockbuster movie Minority Report, which is set in the year 2054, foresees a future where technology can predict which crimes will take place and police work is based on prevention rather than prosecution. The film was based on a classic sci-fi short story written by Philip K Dick and published in 1956.

But cyber reality is already fast catching up with science fiction. The cyber security industry is finding that predictive technology is now essential if organisations are to stay one step ahead of cyber crime. As companies become increasingly effective at securing their digital networks, cyber criminals are becoming more skilled at developing ways of infiltrating corporate IT systems by finding weak spots beyond the traditional security perimeters.

This could include monitoring the social networking activities of senior executives and key staff working in the accounts or IT departments in order to build a convincing enough profile to launch a spear phishing attack, a process known as 'social engineering'. Such attacks have been used to find an entry point into a corporate system in order to siphon off millions of pounds or steal mission critical business intelligence.

The insertion of ransomware into a corporate system, for example, now enables cyber criminals to encrypt crucial business data such as customer details and account information, only releasing the data once a hefty ransom sum has been paid to the cyber criminals. With 120 million new ransomware samples having been identified in 2015, this is now perceived by law enforcement agencies such as the FBI and Europol as a major international threat.

Cyber crime often extends beyond national borders. Pre-configured ransomware can be purchased from certain forums on the Dark Web in one country and deployed in another. Even if the perpetrators of a ransomware attack can be identified, it may be that they are based in a country such as Russia with no extradition agreement with the UK. Often, cyber regulations in such countries lag far behind those in the US and Britain.

Police forces offer only limited protection

Overstretched national police forces can offer only limited protection from cyber crime, and all companies now have a duty not only to their shareholders but also to their customers and partner organisations to do their utmost to safeguard mutually shared data.

This means not only looking outside their traditional defences and educating staff regarding, for example, the dangers of inadvertently divulging privileged information on social media such as Twitter, LinkedIn and Facebook, but also trying to anticipate when and where the cyber criminals are likely to strike next.

Companies must be adept at predicting timing of future attacks

It is no longer sufficient merely to respond to cyber attacks as they occur, as by this time it is likely to be too late to do anything other than cough up a hefty ransom in the by-no-means-certain hope that the criminals will then release the encrypted data. Organisations now need to take a truly predictive approach in combating cyber threats. We’re seeing more and more global initiatives for intelligence-led cyber attack simulations (as defined by the Hong Kong Monetary Authority) or intelligence-led penetration testing (as defined by CBEST from the Bank of England).

It is essential that companies understand that, in order to keep pace with the growing threat of cyber crime, they need to deploy cutting-edge technology of the same level as that now used by international gangs of cyber criminals in order to try to stay one step ahead of them.

And when an upcoming threat is predicted, steps must immediately be taken by the organisation under threat. Failure to do so can result in a disaster such as that which recently overtook the Democratic National Committee in the US, when officials for months failed to heed warnings from federal investigators about a potential cyber attack, resulting in thousands of Democratic National Party emails being hacked.

The attack is thought to be part of a wave of Russian cyber attacks aimed at political organisations and academic think tanks in Washington, according to US officials briefed on the investigations.

Elad Ben-Meir is VP of marketing at CyberInt

Image Credit: Brian A Jackson / Shutterstock