Cisco security researcher: CSOs should beware hacker/state-sponsored collusion

Canadian CSOs who are already struggling to fend off a multitude of IT security threats may soon face an even greater challenge: the possibility that organized crime and state-sponsored cyber-attackers will start working together, Cisco warned.

In a briefing earlier this week to discuss the Cisco 2015 Annual Security Report, the company suggested there was a serious disconnect between those responsible for safeguarding corporate information. For example, the report said 59 percent of chief information security officers (CISOs) view their security processes as optimized, compared to 46 percent of security operations (SecOps) managers. And although 75 percent of senior security leaders see their tools as very or extremely effective, less than half are using standard patching and configuration to prevent data breaches.

Jason Brvenik, the principal engineer in Cisco’s Security Group who joined the briefing via Telepresence from his office in Baltimore, said that while there is good awareness of potential dangers among senior leadership teams, CSOs may need to deepen their strategic understanding, and increase their ability to question the controls in place and treat security as critical operation.

“There’s an addressability gap in the corporate boardroom,” he said.

This may come as a surprise, given the rash of high-profile data breaches at Target, Home Depot and more recently Sony Pictures Entertainment. In Canada, meanwhile, alleged Chinese-sponsored cyber-attacks on Canada’s National Research Council and other incidents recently lead Treasury Board Secretariat to announce more a commitment of more than than $100 million to improve its IT security posture.

Unfortunately, Brvenik said, there’s little to suggest state-sponsored attacks are on the wane. In fact, some governments and hacker groups may strike up sort of business agreement to accelerate their attempts at penetrating corporate systems.

“There is a tendency to lump all the motivations (for cyber-crime) under this one entire umbrella, but the reality is different,” he said. “We’re beginning to see the beginnings of the industrialization of this space. A criminal organization might have information of value to a state, for example, and sell it to them. Or the state might go through the back end, as it were, rather than conducting its own front-end attack.”

In fact, one of the indicators of how sophisticated cyber-criminals have become is a technique highlighted in the Cisco report that sounds almost uniquely Canadian. The research discusses the rise of “snowshoe spam,” where attackers send out low volumes of spam from a large set of IP addresses to avoid detection, creating an opportunity to leverage compromised accounts in multiple ways. This is much more mature than the scattershot approach of old, or where hackers seemed to be working primary for bragging rights.

“The willingness to have the biggest botnet seems to have waned,” Brvenik said. “There’s no clear winner in the botnet space these days. Being No. 1 means you get taken out. The squeaky wheel gets replaced.”

The main takeaway for IT security leaders, perhaps, is to start looking at cybercriminals more like competitive peers than petty criminals.

“I find myself talking about the attackers as running a business,” Brvenik said, “and we can see them moving towards managing KPIs.”

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Shane Schick
Shane Schick
Your guide to the ongoing story of how technology is changing the world

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now