The rise of three great forces is shaping the cyber world today: Cyber-attackers, Amazon, and the government institutions that citizens rely upon for protection. All three play a major role in what’s happening in cybersecurity today.
Online criminals are stealing data and money from us and from each other using technologies, patterns, and methods similar to those Amazon uses to compete successfully with the likes of Walmart. We focus particularly on Amazon because it is large and uses the newest Internet technologies very effectively. But we could just as easily point to Netflix versus Blockbuster Video. The theme here is the use of digital-based strategies in the online fields of commerce versus the physical ones.
Alongside cybercriminals, national cyber warriors are fighting each other (unseen by most people) and making up the rules as they go. At the same time, lawmakers, law enforcement, the military, and the judiciary are struggling to defend against cyber-attackers, be they criminals or foreign powers.
With respect to crime, the last time the United States was in a similar situation was during the 1930s. During the time of Bonnie and Clyde, gangsters made good use of new technologies (fast cars, handheld machine guns) and inadequate policing to easily steal from rural bank branches. It wasn’t until the mid-1990s that the necessary judiciary, law enforcement, and bank branch management reforms finally reduced armed bank branch robbery to a negligible amount.
There is a powerful takeaway in here for everyone, especially senior executives: You are the primary protector of yourself and your organization because the government will be unable to play the role for many years to come.
Ironically, while you’re being cyber-attacked, regulators are scrutinizing how organizations manage cyber risk and penalizing the ones that don’t do it well. Our company provides an ongoing service to help executives sort it all out.
How have threats evolved over time?
In terms of network security, the event we think the most about was the online theft of military technologies by the “Hanover Hackers” that was discovered in 1986 and documented in Cliff Stoll’s fantastic book The Cuckoo’s Egg.
In retrospect, many of the techniques in use by cyber attackers and defenders today came into active use at that time:
- Use of a global computer network by a foreign government to conduct espionage.
- The use of multiple hops through several different computers prior to attacking so as to mask the origin of the attack.
- The cyber attacker’s illicit escalation of privileges to “root” or superuser on targeted systems.
- Discovery of the attack came as Stoll tracked down a 75-cent accounting error in the chargeback of computing time, highlighting the importance of logging, regular event reviews, and investigation of suspicious system events.
- Use of a “honeypot” (cache of fake but realistically attractive data files) by Stoll to slow down the attackers long enough to trace their origins (a form of what we now call Active Defense).
- Pioneering coordination of AT&T, the FBI, and the West German government.
- Eventual arrest and conviction of a cyber-attacker, but only through heroic efforts.
In terms of cyber-crime, the 1994 cyber-heist of $10 million from Citibank was a major inflection point. It’s believed to have been the first online bank robbery.
Since then, of course, hundreds of millions of dollars have been stolen using cyber-attacks.
These threats aren’t going away any time soon because, as we mentioned above, we don’t yet have a systemic and scalable way to stop the attackers or hold them accountable.