The old cliché of the lone hacker, clacking away feverishly, blinds closed, coffee and cigarette his only companions, is well past its expiration date. Today’s hackers are no lone wolves; they’re creative professionals, members of sophisticated organizations run with all the intelligence and vision of any successful enterprise.
“Cybersecurity has turned into a business,” said Trend Micro’s VP Cybersecurity Greg Young in a recent webinar with ITWC CIO Jim Love. “With this business has come a high level of creativity. This means that companies of every size need to be prepared for every level of attack.”
A dramatic increase in how cybercriminal organizations are run, and in the skill level and professionalism of those who fill their ranks, has opened up businesses in the “legitimate economy” to more and more inventive attacks. Hackers are thinking outside the box, looking to simplify their work by reducing the number of steps they have to take to achieve their one and only goal: making money.
“There’s a big shift over to crypto-mining with ransomware right now,” said Young. “Taking over a machine and ransoming someone is a lot of steps. The new way is to take over a machine, or take over resources, and use it to mine for bitcoin, for example. It’s not as confrontational, so that’s the big area. Crypto-jacking — or crypto-mining, as it’s called — that’s ransomware 2.0.”
But Young says the biggest danger may very well still be coming from “old” threats.
“A lot of the stuff that people are getting hit with has been seen before,” he said. “In fact, 99.99 per cent of the time you’re going to be hit with something we already know about. There’s already an antivirus or IPS signature out there. It’s already been researched. It may be a variant of it, but it’s still the same vulnerability.”
In A Crash Course – Getting Security Right in 2019, Love and Young provide great (and timely) intel on the kinds of actions your organization should be taking in the near term based on what appears to be coming. The interactive one-hour session covers a lot of ground, including:
- Security spending and verticals
- The cybersecurity skills shortage and how to solve it
- Silos and the importance of communication
- The importance of tracking both data and spending
- Looking outside IT for organizational security risk
- Key takeaways that will set your company on the right path going forward into an uncertain future
Ready for a crash course in security? View A Crash Course – Getting Security Right in 2019 on demand now.